SouhailHammou / Exploits

Related projects: ⓘ

• vineetgaurav / WIN_JELLY
  Windows GPU rootkit PoC by Team Jellyfish
  ☆35Updated 9 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆40Updated last year
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• DoubleLabyrinth / ProcessHollowing
  ☆35Updated 5 years ago
• 0xZ0F / CPPMemory
  Code that can be used as a reference, library, or inspiration for hacking Windows memory.
  ☆50Updated 4 years ago
• hoangprod / DanSpecial
  Weaponizing Gigabyte driver for priv escalation and bypass PPL
  ☆68Updated 5 years ago
• Jb05s / Exploit-Dev-C
  ☆22Updated 4 years ago
• FULLSHADE / AntiDebugging
  ☆29Updated this week
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆52Updated 2 years ago
• hasherezade / hidden_bee_tools
  Parser for a custom executable format from Hidden Bee malware (first stage)
  ☆39Updated last week
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆25Updated 6 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• DownWithUp / DynamicKernelShellcode
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆103Updated 4 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• fdiskyou / windows-ps-callbacks-experiments
  ☆40Updated this week
• NtRaiseHardError / UnRunPE
  PoC for detecting and dumping process hollowing code injection
  ☆50Updated 5 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆52Updated 4 years ago
• 0vercl0k / KEPaboo
  Neutralize KEPServerEX anti-debugging techniques
  ☆30Updated last year
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• kernelm0de / RunPE-ProcessHollowing
  ☆48Updated this week
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆37Updated 4 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆58Updated 5 years ago
• vxunderground / Vx-Engines
  ☆58Updated this week
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 3 years ago
• SandboxEscaper / msihijacker
  ☆31Updated this week
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 3 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆37Updated 5 years ago
• Truneski / WindowsKernelProgramming-Exercises
  ☆48Updated 4 years ago
• killswitch-GUI / HotLoad-Driver
  C++
  ☆79Updated 8 years ago