Vulnerable driver research tool, result and exploit PoCs
☆239Nov 1, 2023Updated 2 years ago
Alternatives and similar repositories for VDR
Users that are interested in VDR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆90Mar 2, 2025Updated last year
- ☆35Nov 16, 2023Updated 2 years ago
- ☆61Aug 21, 2023Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- ☆92Aug 16, 2025Updated 9 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆246Sep 26, 2023Updated 2 years ago
- ☆66May 25, 2023Updated 3 years ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆268Oct 16, 2024Updated last year
- msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to …☆222Dec 24, 2025Updated 5 months ago
- Enumerate Callbacks and all Object Types☆16Jan 9, 2023Updated 3 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆412Jan 11, 2026Updated 4 months ago
- ☆156Oct 2, 2023Updated 2 years ago
- For when DLLMain is the only way☆434Oct 29, 2024Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆227Jul 25, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆312Dec 9, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆359Aug 11, 2024Updated last year
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆461Dec 7, 2025Updated 5 months ago
- Load a dynamic library from memory by modifying the native Windows loader☆302May 5, 2026Updated 3 weeks ago
- A small x64 library to load dll's into memory.☆465Nov 6, 2023Updated 2 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆306Sep 28, 2022Updated 3 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- Process injection alternative☆409Sep 6, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535☆30Jun 7, 2025Updated 11 months ago
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- EDRSandblast-GodFault☆272Aug 28, 2023Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆629Jan 2, 2025Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆48May 22, 2024Updated 2 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆550Feb 13, 2024Updated 2 years ago
- PoCs and tools for investigation of Windows process execution techniques☆959Feb 2, 2026Updated 3 months ago
- PoCs for Kernelmode rootkit techniques research.☆440Mar 25, 2026Updated 2 months ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆157Jan 21, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Aims to identify sleeping beacons☆670Jan 25, 2026Updated 4 months ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆27Sep 15, 2023Updated 2 years ago
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- Security product hook detection☆330Mar 30, 2021Updated 5 years ago
- Helper idapython code for reversing kmdf drivers☆76Jul 20, 2022Updated 3 years ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆604Aug 2, 2025Updated 9 months ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆119Jun 30, 2024Updated last year