Wack0 / CVE-2022-21894Links
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
☆329Updated last year
Alternatives and similar repositories for CVE-2022-21894
Users that are interested in CVE-2022-21894 are comparing it to the libraries listed below
Sorting:
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)☆538Updated last year
- Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks☆320Updated last year
- Vulnerable driver research tool, result and exploit PoCs☆195Updated last year
- PoC Implementation of a fully dynamic call stack spoofer☆795Updated 11 months ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆144Updated 2 years ago
- Operating System Design Review: A systemic analysis of modern systems architecture☆314Updated 4 months ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆364Updated 2 years ago
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆222Updated 2 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆498Updated 2 months ago
- ☆96Updated 3 years ago
- LPE exploit for CVE-2023-21768☆490Updated last year
- Patching "signtool.exe" to accept expired certificates for code-signing.☆282Updated 11 months ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆678Updated last year
- Advanced driver monitoring utility.☆212Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆231Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆248Updated 2 years ago
- For when DLLMain is the only way☆386Updated 7 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆541Updated last month
- RISC-V Virtual Machine☆226Updated 2 weeks ago
- Yet another variant of Process Hollowing☆400Updated 5 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆289Updated 8 months ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆124Updated last year
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆566Updated 2 years ago
- A DTrace on Windows Reimplementation☆348Updated 4 months ago
- PoCs for Kernelmode rootkit techniques research.☆376Updated 5 months ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆396Updated this week
- Bootkit sample for firmware attack☆256Updated 6 months ago
- Kernel Exploits☆256Updated 3 years ago
- A small x64 library to load dll's into memory.☆443Updated last year
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆645Updated 2 years ago