Vulnerable driver research tool, result and exploit PoCs
☆236Nov 1, 2023Updated 2 years ago
Alternatives and similar repositories for VDR
Users that are interested in VDR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆85Mar 2, 2025Updated last year
- ☆35Nov 16, 2023Updated 2 years ago
- ☆61Aug 21, 2023Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- ☆92Aug 16, 2025Updated 8 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆66May 25, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆243Sep 26, 2023Updated 2 years ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆266Oct 16, 2024Updated last year
- msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to …☆220Dec 24, 2025Updated 3 months ago
- Enumerate Callbacks and all Object Types☆16Jan 9, 2023Updated 3 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆413Jan 11, 2026Updated 3 months ago
- ☆155Oct 2, 2023Updated 2 years ago
- For when DLLMain is the only way☆426Oct 29, 2024Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆226Jul 25, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆311Dec 9, 2023Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆361Aug 11, 2024Updated last year
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆451Dec 7, 2025Updated 4 months ago
- Load a dynamic library from memory by modifying the native Windows loader☆292Jun 18, 2025Updated 10 months ago
- A small x64 library to load dll's into memory.☆462Nov 6, 2023Updated 2 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Self delete DLL (2)☆13Feb 15, 2024Updated 2 years ago
- Process injection alternative☆407Sep 6, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535☆30Jun 7, 2025Updated 10 months ago
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- EDRSandblast-GodFault☆271Aug 28, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆622Jan 2, 2025Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆48May 22, 2024Updated last year
- PoCs and tools for investigation of Windows process execution techniques☆955Feb 2, 2026Updated 2 months ago
- PoCs for Kernelmode rootkit techniques research.☆436Mar 25, 2026Updated 3 weeks ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆155Jan 21, 2023Updated 3 years ago
- Aims to identify sleeping beacons☆664Jan 25, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆27Sep 15, 2023Updated 2 years ago
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- Security product hook detection☆328Mar 30, 2021Updated 5 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆547Feb 13, 2024Updated 2 years ago
- Helper idapython code for reversing kmdf drivers☆75Jul 20, 2022Updated 3 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆409Sep 12, 2023Updated 2 years ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆593Aug 2, 2025Updated 8 months ago