ViperXSecurity / lib-nosaLinks
lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
☆112Updated 9 months ago
Alternatives and similar repositories for lib-nosa
Users that are interested in lib-nosa are comparing it to the libraries listed below
Sorting:
- "Service-less" driver loading☆155Updated 6 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆115Updated 6 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 5 months ago
- ☆110Updated 5 months ago
- Admin to Kernel code execution using the KSecDD driver☆251Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆265Updated 9 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆65Updated 2 months ago
- Malware?☆70Updated 8 months ago
- ☆107Updated 7 months ago
- Windows rootkit designed to work with BYOVD exploits☆200Updated 5 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆93Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 11 months ago
- ☆155Updated 6 months ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆120Updated last year
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- A Mythic Agent written in PIC C.☆190Updated 4 months ago
- A set of programs for analyzing common vulnerabilities in COM☆215Updated 9 months ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆102Updated last year
- Bypass LSA protection using the BYODLL technique☆163Updated 9 months ago
- ☆136Updated 2 years ago
- Find DLLs with RWX section☆81Updated last year
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆142Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆82Updated 4 months ago
- An example reference design for a proposed BOF PE☆175Updated 2 months ago
- ☆57Updated last month
- ☆61Updated last year
- ☆42Updated 2 years ago
- Local & remote Windows DLL Proxying☆164Updated last year
- Injecting DLL into LSASS at boot☆118Updated last month
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆110Updated last month