LuckyPi / PushPin

Related projects ⓘ

Alternatives and complementary repositories for PushPin

• Cr4sh / pico_dma
  Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
  ☆64Updated last year
• kkent030315 / NoPatchGuardCallback
  x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
  ☆196Updated 3 years ago
• Deputation / hygieia
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆135Updated 2 years ago
• kkent030315 / PageTableInjection
  Code Injection, Inject malicious payload via pagetables pml4.
  ☆226Updated 3 years ago
• not-wlan / driver-hijack
  ☆152Updated 5 years ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆236Updated 2 years ago
• ioncodes / ceload
  BYOVD: Loading dbk64.sys and grabbing a handle to it
  ☆149Updated 2 years ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆106Updated last year
• kkent030315 / MsIoExploit
  Exploit MsIo vulnerable driver
  ☆83Updated 3 years ago
• gmh5225 / CallMeWin32kDriver
  Load your driver like win32k.sys
  ☆247Updated 2 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 2 years ago
• KelvinMsft / DeviceMon
  VT-based PCI device monitor (SPI)
  ☆150Updated 4 years ago
• w1u0u1 / kinject
  Kernel shellcode injector
  ☆142Updated 3 years ago
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆110Updated 3 years ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆258Updated 3 weeks ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆196Updated 2 years ago
• AdamOron / PatchGuardBypass
  Bypassing PatchGuard on modern x64 systems
  ☆245Updated last year
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆114Updated 3 years ago
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆219Updated 2 years ago
• Signal-Labs / IOCTLDump
  ☆131Updated last year
• zer0condition / NVDrv
  Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.
  ☆243Updated last year
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆85Updated last year
• utoni / PastDSE
  DSE bypass using a leaked cert and adjusting the current clock.
  ☆133Updated 2 years ago
• ufrisk / LeechCore-plugins
  Plugins related to LeechCore
  ☆32Updated 2 months ago
• VollRagm / PTView
  Browse Page Tables on Windows (Page Table Viewer)
  ☆182Updated 2 years ago
• EvanMcBroom / pocs
  My Proof of Concept code for different publicly disclosed vulnerabilities
  ☆46Updated 5 months ago
• joshfinley / SyscallDumper
  Dump system call codes, names, and offsets from Ntdll.dll
  ☆70Updated last year
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆53Updated 2 years ago
• Deputation / instrumentation_callbacks
  A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.
  ☆117Updated 2 years ago