MortenSchenk / BHUSA2017
Content from presentation at BHUSA 2017
☆180Updated 7 years ago
Alternatives and similar repositories for BHUSA2017:
Users that are interested in BHUSA2017 are comparing it to the libraries listed below
- Hardcore corruption of my execve() vulnerability in WSL☆214Updated 7 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆163Updated 8 years ago
- DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects☆145Updated 7 years ago
- WinHeap Explorer repository.☆119Updated 6 years ago
- Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.☆117Updated 4 months ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆132Updated 9 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆263Updated 7 years ago
- windows kernel vulnerability found by me☆91Updated 7 years ago
- my public code☆166Updated 8 years ago
- ☆140Updated 7 years ago
- PEDA-like debugger UI for WinDbg☆203Updated 11 months ago
- ☆232Updated 7 years ago
- Python solutions for the HackSysTeam Extreme Vulnerable Driver☆151Updated 4 years ago
- GUI tool to create ROP chains using the ropper API☆156Updated 6 years ago
- Some example source code for fixed IE11 sandbox escapes.☆140Updated 10 years ago
- Small tool for generating ropchains using unicorn and z3☆197Updated 7 years ago
- Attacking the Core associated source files☆87Updated 7 years ago
- Collection of VC++ example applications to demonstrate Win10 userland heap behavior (BEA & FEA)☆84Updated 8 years ago
- ARM shellcode and exploit development - BSidesMunich 2018☆106Updated 6 years ago
- A kernel driver to practice writing exploits against, as well as some example exploits using public techniques.☆403Updated 10 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆301Updated 6 years ago
- A set of exploitation/reversing aids for IDA☆417Updated 7 years ago
- Old mitigation-bounty code that was applicable to edge before it use webkit/chrome☆87Updated 8 years ago
- Automated Exploit generation with WinDBG☆190Updated 8 years ago
- ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.☆284Updated 8 years ago
- flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.☆150Updated 7 years ago
- Automatically exported from code.google.com/p/ioctlfuzzer☆160Updated 9 years ago
- Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)☆138Updated 8 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆430Updated 6 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆116Updated 6 years ago