☆25Apr 28, 2024Updated last year
Alternatives and similar repositories for ReadWriteDriverSample
Users that are interested in ReadWriteDriverSample are comparing it to the libraries listed below
Sorting:
- ☆31Jul 26, 2024Updated last year
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆13Sep 8, 2023Updated 2 years ago
- ☆182Apr 24, 2025Updated 10 months ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- Info on how to use Kerberos KDC on a non-domain joined host☆53Jul 31, 2024Updated last year
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 11 months ago
- ☆126Sep 1, 2024Updated last year
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last month
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆43Apr 14, 2024Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated 2 years ago
- 可爬取、更新并将 K8S 官方漏洞翻译(通过 DeepSeek)成简体中文☆17Jul 19, 2025Updated 8 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆412Jan 11, 2026Updated 2 months ago
- ☆101Oct 7, 2023Updated 2 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- 正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令☆17Nov 30, 2024Updated last year
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- Keep it secret, keep it safe☆78Feb 6, 2025Updated last year
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆25May 4, 2024Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆150May 3, 2024Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- Exploit for elevation of privilege vulnerability in QuickHeal's Seqrite EPS (CVE-2023-31497).☆18Oct 30, 2023Updated 2 years ago
- Sample Rust Hooking Engine☆36Apr 5, 2024Updated last year
- ☆82Apr 9, 2024Updated last year
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago