Signal-Labs / Hotpatching_PoC

Related projects: ⓘ

• rbmm / RtlClone
  ☆26Updated 2 months ago
• Kharos102 / ReadWriteDriverSample
  ☆23Updated 4 months ago
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• ommadawn46 / HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2
  HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
  ☆36Updated last month
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆27Updated last year
• jsacco / PPL_Bypass
  ☆12Updated 2 years ago
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆20Updated 2 years ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆30Updated 7 months ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆29Updated 8 months ago
• D1rkMtr / Internals_Exploring
  ☆14Updated this week
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆33Updated 9 months ago
• 0vercl0k / kdmp-parser-rs
  A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
  ☆33Updated last month
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆24Updated last year
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆46Updated last year
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆61Updated 2 years ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆22Updated last year
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆31Updated 2 years ago
• aaaddress1 / knownDlls_Poison
  ☆26Updated 2 years ago
• WHots / RosaryAV
  Lightweight Threat Detection System - (Base)
  ☆14Updated 5 months ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆23Updated 10 months ago
• polakow / WindowsBypassSMEP
  Example for PagedOut!
  ☆24Updated 4 years ago
• rad9800 / OwlScanner
  ☆13Updated this week
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆19Updated 2 years ago
• HypsyNZ / TrustedLauncher
  ☆19Updated this week
• OtterHacker / CoffLoader
  ☆48Updated last year
• klezVirus / DCKFinder
  Dangling COM Keys Finder
  ☆14Updated 2 years ago
• not-matthias / vmprotect-rs
  Rust bindings for VMProtect.
  ☆23Updated 6 months ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆49Updated 2 years ago
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago