LegendSaber / exp_x64Links
☆24Updated 3 years ago
Alternatives and similar repositories for exp_x64
Users that are interested in exp_x64 are comparing it to the libraries listed below
Sorting:
- https://key08.com/index.php/2021/10/19/1375.html☆69Updated 3 years ago
- 笔者的在原作者池风水利用工具(以下简称工具)基础上进行二次开发,新增了全自动获取内核调试模块符号的偏移量及配置参数和不同漏洞利用方式优化等功能, 解决了不同Windows版本适配问题,工具包括适配驱动和利用程序两部分组成,实现了在Windows 10 19H1之后任意版本包…☆76Updated 3 years ago
- Call NtCreateUserProcess directly as normal.☆72Updated 3 years ago
- 简单安排一下 autochk.sys 这个rootkit☆73Updated 2 years ago
- 沙箱测试,测评国内常见沙箱的代码与结论☆103Updated 4 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆56Updated 2 months ago
- 关于intel和amd指令行为不一样这件事☆61Updated 3 years ago
- 过去写的一些Windows安全研究相关代码☆135Updated 6 years ago
- win32kbase!NtDCompositionCommitSynchronizationObject and win32kbase!NtGdiGetCertificate☆16Updated 3 years ago
- windwos内核研究与驱动Code☆66Updated 3 years ago
- 大数字驱动逆向代码☆73Updated last year
- sc4cpp is a shellcode framework based on C++☆90Updated 3 years ago
- 基于UC的启发式杀毒引擎[还没做完]☆34Updated 4 years ago
- Windows CVE主防(HIPS/HIDS)☆56Updated 4 years ago
- 参考taviso的代码逆向一下mpengine.dll☆20Updated 3 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆51Updated 4 years ago
- Windows Etw LPE☆50Updated 3 years ago
- Kill Protected Process Light Process (include av)☆58Updated last year
- ☆40Updated 3 years ago
- 《Windows内核编程》学习☆62Updated 4 years ago
- ☆22Updated 4 years ago
- Changes handle's access rights using DKOM with a vulnerable driver☆25Updated 7 years ago
- 针对windows rootkit的一些检测,分别从进程、端口、文件这三个方面进行检测。☆21Updated 7 months ago
- ☆22Updated 3 years ago
- Mhy Exp (exploit signed driver)☆142Updated 3 years ago
- IDA plugin for COM☆48Updated 2 years ago
- 绕过卡巴斯基主动防御,加载驱动,unhook所有ssdt hook及shadow ssdt hook☆37Updated 9 years ago
- Process Injection via Component Object Model (COM) IRundown::DoCallback().☆60Updated 2 years ago
- ☆32Updated 2 years ago
- 从admin冲到TrustedInstaller☆17Updated 2 years ago