SpiralBL0CK / BlackLotus-analysis-stage2-bootkit-rootkit-stage

Related projects: ⓘ

• realoriginal / preboot
  Experiment with d_olex's firmware and conducting "preboot" attack
  ☆15Updated last year
• exploits-forsale / CVE-2024-26218
  Proof-of-Concept for CVE-2024-26218
  ☆46Updated 4 months ago
• therealdreg / okhi
  Open Keylogger Hardware Implant - USB & PS2 Keyboards
  ☆50Updated last week
• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated 11 months ago
• exploits-forsale / prefetch-tool
  Windows KASLR bypass using prefetch side-channel
  ☆64Updated 4 months ago
• Wh04m1001 / GamingServiceEoP5
  ☆27Updated 4 months ago
• omair2084 / msmq_re
  ☆24Updated last year
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆81Updated last year
• HackingThings / OneBootloaderToLoadThemAll
  One Bootloader to Load Them All - Research materials, Code , Etc.
  ☆47Updated 2 years ago
• RomanRybachek / CVE-2024-20698
  Analysis of the vulnerability
  ☆46Updated 7 months ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆27Updated 6 months ago
• mgrube / recon_22
  ☆10Updated 2 years ago
• NtQuerySystemInformation / Malware-RE-papers
  Here are some of my malware reversing papers that I will be publishing
  ☆30Updated 2 years ago
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆52Updated 5 months ago
• hasherezade / flareon2023
  ☆25Updated 10 months ago
• therealdreg / ftdibrick
  FTDI bricker just for fun - malware POC+hardware hacking CTF
  ☆16Updated this week
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆66Updated 5 months ago
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆21Updated 11 months ago
• TraiLeR2 / CVE-2023-36168
  An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
  ☆11Updated last year
• binarly-io / ToolsAndPoCs
  BINARLY Research Tools and PoCs
  ☆10Updated 6 months ago
• ic3qu33n / OffensiveCon24-uefi-task-of-the-translator
  OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
  ☆43Updated 3 months ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆72Updated 7 months ago
• rbmm / Services
  ☆17Updated last year
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆92Updated 5 months ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆47Updated 2 years ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆56Updated last year
• exploits-forsale / 24h2-nt-exploit
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆99Updated 4 months ago
• NotokDay / NTProcessInjector
  Process injection via native Windows APIs (NTAPIs)
  ☆15Updated 8 months ago
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆38Updated 3 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆91Updated last year
• exploits-forsale / CVE-2024-21345
  Proof-of-Concept for CVE-2024-21345
  ☆70Updated 4 months ago