LuckyPi / PushPin
☆80Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for PushPin
- Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board☆64Updated last year
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆196Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆135Updated 2 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆226Updated 3 years ago
- ☆152Updated 5 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆236Updated 2 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆149Updated 2 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆106Updated last year
- Exploit MsIo vulnerable driver☆83Updated 3 years ago
- Load your driver like win32k.sys☆247Updated 2 years ago
- Resolve DOS MZ executable symbols at runtime☆93Updated 2 years ago
- VT-based PCI device monitor (SPI)☆150Updated 4 years ago
- Kernel shellcode injector☆142Updated 3 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆110Updated 3 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆258Updated 3 weeks ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆196Updated 2 years ago
- Bypassing PatchGuard on modern x64 systems☆245Updated last year
- Enumerate user mode shared memory mappings on Windows.☆114Updated 3 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆219Updated 2 years ago
- ☆131Updated last year
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆243Updated last year
- A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.☆85Updated last year
- DSE bypass using a leaked cert and adjusting the current clock.☆133Updated 2 years ago
- Plugins related to LeechCore☆32Updated 2 months ago
- Browse Page Tables on Windows (Page Table Viewer)☆182Updated 2 years ago
- My Proof of Concept code for different publicly disclosed vulnerabilities☆46Updated 5 months ago
- Dump system call codes, names, and offsets from Ntdll.dll☆70Updated last year
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆53Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆117Updated 2 years ago