POPFD / cascade

Related projects: ⓘ

• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆33Updated 9 months ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆24Updated last year
• Wack0 / SecureBootPolicyTools
  Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).
  ☆36Updated 2 years ago
• NewWorldComingSoon / llvm-msvc-windows-driver-template
  Windows kernel driver template for cmkr and llvm-msvc.
  ☆32Updated 8 months ago
• NotRequiem / antidbg
  C/C++ antidebugging library for 32 and 64 bit processors
  ☆10Updated 2 months ago
• Nitr0-G / SVM-Hypervisor
  This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM
  ☆22Updated 10 months ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• samrussell / obfus
  Playing with LLVM passes
  ☆34Updated last year
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆29Updated 8 months ago
• hfiref0x / AsIo3Unlock
  ASUSTeK AsIO3 I/O driver unlock
  ☆19Updated 3 years ago
• 3intermute / hvICE
  hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer
  ☆27Updated 4 months ago
• not-matthias / kernel-log-rs
  A minimalistic logger for Windows Kernel Drivers.
  ☆20Updated 6 months ago
• intel / unicorn-for-efi
  Unicorn Engine port for UEFI firmware
  ☆41Updated 4 months ago
• r3bb1t / bin_lift
  Rust library for lifting raw binary data to LLVM IR
  ☆37Updated last month
• shareef12 / driveranalyzer
  Binary Ninja plugin to perform automated analysis of Windows drivers
  ☆16Updated 5 years ago
• mrexodia / DisableParallelLoader
  Plugin for x64dbg to disable parallel loading of dependencies
  ☆19Updated 2 years ago
• samrussell / vmprotect_binja_plugin
  Binary Ninja plugin for automating VMProtect analysis
  ☆55Updated last year
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆46Updated last year
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆57Updated last year
• malware-unicorn / pteroioctl-hook
  A driver to implement IOCTL hooking
  ☆23Updated 2 years ago
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated last year
• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆62Updated last month
• backengineering / vmhook
  A demonstration of hooking into the VMProtect-2 virtual machine
  ☆16Updated 10 months ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆59Updated last year
• archercreat / api-tracer
  api-tracer is a tiny (useless) tracer
  ☆14Updated last year
• Air14 / SmmLoader
  Runtime smm module loader
  ☆30Updated last year
• ergrelet / themida-unmutate-bn
  A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.
  ☆16Updated last month
• DenuvoSoftwareSolutions / DVRT
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆18Updated 3 weeks ago
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆27Updated last year
• alfarom256 / MinifilterResearch
  ☆15Updated last year