Pdawg-bytes / UEFIBootKit
A simple UEFI bootkit made by @NSG650 and me.
☆26Updated 3 months ago
Alternatives and similar repositories for UEFIBootKit:
Users that are interested in UEFIBootKit are comparing it to the libraries listed below
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆44Updated 6 months ago
- A few examples of how to trap virtual memory access on Windows.☆29Updated 4 months ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆31Updated last year
- Report and exploit of CVE-2024-21305.☆34Updated last year
- ☆41Updated 3 weeks ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆35Updated 3 months ago
- ☆38Updated 2 months ago
- ☆20Updated 3 months ago
- Proof-of-Concept for CVE-2024-26218☆51Updated 11 months ago
- Remove WPP calls from hexrays decompiled code☆45Updated 2 weeks ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆53Updated 8 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆27Updated 8 months ago
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆27Updated 2 weeks ago
- LPE of CVE-2024-26230☆23Updated 7 months ago
- An x64dbg plugin which marks XFG call signatures as data☆73Updated last year
- Mentally ill EtwTi parser☆36Updated 3 weeks ago
- bootlicker: A terribly written but functioning UEFI shellcode bootkit patched into a firmware volume or boot device on the EFI partition☆16Updated 2 months ago
- Exploiting the KsecDD Windows driver through Server Silos☆65Updated 5 months ago
- Reports on Driver, LSASS and other security services mitigations☆15Updated last week
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆15Updated last year
- Lightweight Threat Detection System - (Base)☆14Updated last year
- Analysis of the vulnerability☆51Updated last year
- Repo with different exploits & PoCs☆64Updated 6 months ago
- Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)☆20Updated 5 years ago
- ☆34Updated last year
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆56Updated this week
- In-memory hiding technique☆48Updated 3 months ago
- ☆12Updated last year
- An Obfuscator-LLVM based mingw-w64 toolchain.☆38Updated 3 years ago