A simple tool to assemble shellcode ready to be copy-pasted into code
☆71Jun 13, 2022Updated 3 years ago
Alternatives and similar repositories for ShellcodeBakery
Users that are interested in ShellcodeBakery are comparing it to the libraries listed below
Sorting:
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode☆163Jul 31, 2022Updated 3 years ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Dec 27, 2022Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆324Apr 26, 2022Updated 3 years ago
- ☆136Aug 6, 2022Updated 3 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆234Apr 2, 2022Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- ☆37May 21, 2022Updated 3 years ago
- Reverse Engineering a signed kernel driver packed and virtualized with VMProtect 3.6☆105Apr 28, 2023Updated 2 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- ☆192Dec 8, 2021Updated 4 years ago
- ☆146Jan 13, 2021Updated 5 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆550Nov 12, 2022Updated 3 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆47Jun 3, 2021Updated 4 years ago
- Example of reading process memory through kernel special APC☆110Apr 21, 2023Updated 2 years ago
- ☆144Dec 10, 2022Updated 3 years ago
- 巨硬☆17Oct 4, 2023Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆365Aug 18, 2022Updated 3 years ago
- Windows Research Kernel☆37Sep 22, 2025Updated 5 months ago
- Scans all modules in target process for jmp/int3 hooks dissassembles then and follows jmps to destination.☆83Nov 5, 2023Updated 2 years ago
- Code for Battleyes shellcode☆239Nov 11, 2021Updated 4 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆382Aug 8, 2021Updated 4 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- A Simple Example☆23Nov 30, 2018Updated 7 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- ☆23Oct 18, 2021Updated 4 years ago
- ☆193May 1, 2023Updated 2 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆144Apr 21, 2022Updated 3 years ago
- Top level overlay drawing for game cheating using dwm.exe☆48Oct 26, 2021Updated 4 years ago
- POC usermode <=> kernel communication via ALPC.☆72Jun 6, 2024Updated last year
- ☆34Apr 11, 2023Updated 2 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆119May 25, 2021Updated 4 years ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- Extracts the files embedded inside of a .NET AppHost.☆19Dec 13, 2025Updated 2 months ago
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆153Jun 11, 2024Updated last year
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago