VollRagm / ShellcodeBakery

Related projects: ⓘ

• estimated1337 / hidden_syscall
  hidden_syscall - syscaller without using syscall instruction in code
  ☆58Updated last year
• zer0condition / GDRVLib
  Virtual and physical memory hacking library using gigabyte vulnerable driver
  ☆69Updated last year
• illegal-instruction-co / ThreadIn
  Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.
  ☆29Updated 5 months ago
• MmMapIoSpace / UCMapper
  Unknowncheats Magically Optimized Tidy Mapper using nvaudio
  ☆91Updated 3 months ago
• Deputation / hygieia
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆133Updated 2 years ago
• weak1337 / SkipHook
  ☆115Updated 2 years ago
• efidemon69 / kdmapper-dumper
  KDM Is a driver that will dumps every drivers that got manually mapped with kdmapper.
  ☆48Updated 2 years ago
• kitty8904 / blanket
  Hiding a system thread against conventional means of detection
  ☆34Updated 3 years ago
• cutecatsandvirtualmachines / SKLib
  Standard Kernel Library for Windows hacking in C++
  ☆57Updated last month
• 0mWindyBug / GhostMapperUM
  manual map unsigned driver over signed memory
  ☆152Updated 5 months ago
• Oliver-1-1 / ModuleSpoof
  ☆63Updated 4 months ago
• donnaskiez / nmi
  nmi stackwalking + module verification
  ☆78Updated 8 months ago
• oakboat / RTCore64_Vulnerability
  Use RTCore64 to map your driver on windows 11.
  ☆90Updated 5 months ago
• KANKOSHEV / Detect-KeAttachProcess
  Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
  ☆108Updated 2 years ago
• estimated1337 / lenovo_exec
  CVE-2022-3699 with arbitrary kernel code execution capability
  ☆70Updated last year
• SamuelTulach / DirectPageManipulation
  A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy
  ☆75Updated last year
• EBalloon / Rw-No-Attach
  ☆145Updated 3 months ago
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆33Updated 3 months ago
• saveme712 / BinCon
  A library to assist with memory & code protection.
  ☆53Updated 6 months ago
• ekknod / acdrv
  base for testing
  ☆146Updated this week
• Sinclairq / hierarchy-eac
  Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy
  ☆77Updated last year
• Deputation / instrumentation_callbacks
  A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.
  ☆111Updated 2 years ago
• mike1k / ImportCallObfuscator
  Obfuscate calls to imports by patching in stubs
  ☆58Updated 3 years ago
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆38Updated 2 years ago
• UCFoxi / VTableKFunctionHook
  This project will give you an example how you can hook a kernel vtable function that cannot be directly called
  ☆78Updated 2 years ago
• Zpes / syscall-direct
  ☆33Updated 2 years ago
• cheatdeveloper73 / modded-voyager
  bypass to the p2c(s) that I have run over the past few months.
  ☆51Updated last year
• SamuelTulach / MemoryGuard
  Experiment with PAGE_GUARD protection to hide memory from other processes
  ☆31Updated 2 months ago
• Deputation / kernel_payload_comms
  A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload …
  ☆73Updated 3 years ago
• weak1337 / SystemThreadFinder
  ☆76Updated 3 years ago