MrAle98 / ATDCM64a-LPE
☆21 Jan 15, 2025 Updated last year
Alternatives and similar repositories for ATDCM64a-LPE
Users that are interested in ATDCM64a-LPE are comparing it to the libraries listed below
- Open-source EDR kernel-component for system monitoring and DLL injection ☆33 Nov 14, 2020 Updated 5 years ago
- Windows AppLocker Driver (appid.sys) LPE ☆73 Jul 29, 2024 Updated last year
- ☆40 Jan 11, 2022 Updated 4 years ago
- ☆41 Jun 23, 2024 Updated last year
- POC for CVE-2023-29360 ☆12 Aug 31, 2024 Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added. ☆78 Mar 29, 2025 Updated 10 months ago
- driver that communicates using a shared section ☆86 Mar 17, 2025 Updated 10 months ago
- CVE-2024-30090 - LPE PoC ☆108 Oct 17, 2024 Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address ☆23 Nov 22, 2021 Updated 4 years ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja ☆11 Jul 24, 2024 Updated last year
- Cobaltstrike UDRL with memory evasion ☆15 May 16, 2024 Updated last year
- Hyper-V Fuzzer using hAFL2 ☆11 May 10, 2022 Updated 3 years ago
- Microsoft decompiled IrDA drivers ☆16 Apr 15, 2015 Updated 10 years ago
- An example of how to use Microsoft Windows Warbird technology ☆96 Apr 23, 2023 Updated 2 years ago
- ☆153 Jul 31, 2022 Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above. ☆57 Feb 2, 2026 Updated last week
- Repository of different kernel drivers written while studying Windows NT Driver development ☆12 Apr 14, 2024 Updated last year
- ☆12 Jan 10, 2025 Updated last year
- ☆12 Apr 7, 2022 Updated 3 years ago
- POC exploit for CVE-2024-49138 ☆266 Feb 14, 2025 Updated last year
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 Oct 7, 2022 Updated 3 years ago
- A PoC tool for exploiting leaked process and thread handles ☆32 Feb 13, 2024 Updated 2 years ago
- ☆31 Jan 12, 2022 Updated 4 years ago
- ☆47 May 8, 2021 Updated 4 years ago
- ☆12 Jul 27, 2020 Updated 5 years ago
- Various reverse engineering work on Windows ☆21 Feb 21, 2021 Updated 4 years ago
- System Call Integrity Layer - experimental security research ☆25 Jan 31, 2026 Updated 2 weeks ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm ☆16 Jul 5, 2024 Updated last year
- An example of how to spawn a process with a spoofed parent PID (Visual C++) ☆29 Mar 3, 2019 Updated 6 years ago
- WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler ☆135 Jul 21, 2025 Updated 6 months ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections ☆166 May 17, 2023 Updated 2 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP ☆37 Jul 27, 2021 Updated 4 years ago
- Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries. ☆13 Sep 8, 2023 Updated 2 years ago
- Basic experimentation with Windows drivers. ☆17 Mar 3, 2023 Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem… ☆69 Oct 10, 2025 Updated 4 months ago
- Using Microsoft Visual Studio 2019 Building A LLVM Out-Source-Tree Pass ☆17 Apr 30, 2020 Updated 5 years ago
- Programming/scripting language ☆18 Jan 3, 2025 Updated last year
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments. ☆22 Jan 6, 2025 Updated last year
- ☆57 Apr 19, 2023 Updated 2 years ago