Alternatives and similar repositories for CVE-2022-21894

Users that are interested in CVE-2022-21894 are comparing it to the libraries listed below

• ASkyeye / CVE-2022-21894-Payload

  View on GitHub
  Example payload for CVE-2022-21894
  ☆15Sep 27, 2023Updated 2 years ago
• tandasat / SmmExploit

  View on GitHub
  The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303…
  ☆144Mar 29, 2021Updated 4 years ago
• connormcgarr / Kernel-Exploits

  View on GitHub
  Kernel Exploits
  ☆260Jul 18, 2021Updated 4 years ago
• btbd / umap

  View on GitHub
  UEFI bootkit for driver manual mapping
  ☆583Jan 1, 2024Updated 2 years ago
• memN0ps / redlotus-rs

  View on GitHub
  Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus)
  ☆563Sep 12, 2023Updated 2 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆265Aug 31, 2022Updated 3 years ago
• Cr4sh / SmmBackdoorNg

  View on GitHub
  Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
  ☆354Nov 3, 2023Updated 2 years ago
• kkent030315 / CVE-2022-42046

  View on GitHub
  CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM
  ☆162Dec 24, 2022Updated 3 years ago
• XaFF-XaFF / Black-Angel-Rootkit

  View on GitHub
  Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
  ☆671Nov 9, 2023Updated 2 years ago
• IOActive / Platbox

  View on GitHub
  UEFI and SMM Assessment Tool
  ☆213Nov 21, 2024Updated last year
• ldpreload / BlackLotus

  View on GitHub
  BlackLotus UEFI Windows Bootkit
  ☆2,182Mar 28, 2024Updated last year
• enkomio / BrokenFlow

  View on GitHub
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆116Nov 19, 2022Updated 3 years ago
• tandasat / CVE-2024-21305

  View on GitHub
  Report and exploit of CVE-2024-21305.
  ☆38Jan 14, 2024Updated 2 years ago
• Cr4sh / s6_pcie_microblaze

  View on GitHub
  PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for li…
  ☆849May 20, 2024Updated last year
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆587Aug 2, 2025Updated 6 months ago
• thesecretclub / SandboxBootkit

  View on GitHub
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆317Oct 13, 2024Updated last year
• alfarom256 / CVE-2022-3699

  View on GitHub
  Lenovo Diagnostics Driver EoP - Arbitrary R/W
  ☆177Dec 5, 2022Updated 3 years ago
• chompie1337 / Windows_MSKSSRV_LPE_CVE-2023-36802

  View on GitHub
  LPE exploit for CVE-2023-36802
  ☆167Oct 10, 2023Updated 2 years ago
• AdamOron / PatchGuardBypass

  View on GitHub
  Bypassing PatchGuard on modern x64 systems
  ☆265Apr 9, 2023Updated 2 years ago
• rbmm / LdrpKernel32DllName

  View on GitHub
  ☆90Jun 2, 2024Updated last year
• yardenshafir / IoRingReadWritePrimitive

  View on GitHub
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆247Jul 5, 2022Updated 3 years ago
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆483May 18, 2021Updated 4 years ago
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆120Jan 26, 2023Updated 3 years ago
• ajkhoury / UEFI-Bootkit

  View on GitHub
  A small bootkit which does not rely on x64 assembly.
  ☆510Aug 29, 2019Updated 6 years ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• chompie1337 / Windows_LPE_AFD_CVE-2023-21768

  View on GitHub
  LPE exploit for CVE-2023-21768
  ☆506Jul 10, 2023Updated 2 years ago
• lab52io / LeakedHandlesFinder

  View on GitHub
  Leaked Windows processes handles identification tool
  ☆290Mar 14, 2022Updated 3 years ago
• yardenshafir / conference_talks

  View on GitHub
  Slides from various conference talks
  ☆37May 30, 2023Updated 2 years ago
• loneicewolf / smbdoor

  View on GitHub
  improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
  ☆49Mar 10, 2023Updated 2 years ago
• mrexodia / lolbin-poc

  View on GitHub
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆141Feb 27, 2023Updated 2 years ago
• Wh04m1001 / IFaultrepElevatedDataCollectionUAC

  View on GitHub
  ☆133Oct 14, 2022Updated 3 years ago
• Nero22k / cve-2023-29360

  View on GitHub
  Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
  ☆153Oct 12, 2023Updated 2 years ago
• ekknod / smm

  View on GitHub
  alternative smm driver for ryzen motherboards
  ☆188Oct 12, 2024Updated last year
• zer0condition / Demystifying-PatchGuard

  View on GitHub
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆132Apr 26, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆675Dec 23, 2022Updated 3 years ago
• fortra / hw-call-stack

  View on GitHub
  Use hardware breakpoints to spoof the call stack for both syscalls and API calls
  ☆201Jun 6, 2024Updated last year
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆809Sep 4, 2024Updated last year
• namazso / MagicSigner

  View on GitHub
  Signtool for expired certificates
  ☆515Jun 10, 2023Updated 2 years ago
• gabriellandau / CISpotter

  View on GitHub
  Code Integrity Violation Spotter
  ☆17Jun 11, 2024Updated last year