A serie of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W
☆116Oct 19, 2025Updated 4 months ago
Alternatives and similar repositories for Eneio64-Driver-Exploits
Users that are interested in Eneio64-Driver-Exploits are comparing it to the libraries listed below
Sorting:
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.☆297Dec 10, 2025Updated 2 months ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆76Sep 8, 2025Updated 5 months ago
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated 8 months ago
- ☆37Sep 26, 2024Updated last year
- Kernel Level NMI Callback Blocker☆165Sep 27, 2025Updated 5 months ago
- ☆25Apr 28, 2024Updated last year
- Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)☆56Jun 15, 2025Updated 8 months ago
- kASLR bypass technique on Intel CPUs.☆32May 18, 2025Updated 9 months ago
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆253Feb 19, 2026Updated 2 weeks ago
- find dll base addresses without PEB WALK☆160Jul 13, 2025Updated 7 months ago
- Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries☆642Feb 7, 2026Updated 3 weeks ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 7 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆57Oct 29, 2025Updated 4 months ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆199Jun 17, 2025Updated 8 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆137Apr 6, 2025Updated 10 months ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Help red teams find opsec processes during engagements☆42Dec 7, 2024Updated last year
- WinDbg plugin to trace module transitions from a debugged driver.☆40Dec 22, 2025Updated 2 months ago
- A Reflective Loader for macOS☆147Jul 20, 2025Updated 7 months ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated last year
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated last month
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- kernel callback removal (Bypassing EDR Detections)☆211Nov 14, 2025Updated 3 months ago
- Utilizng an MCP Server to communicate with your C2☆86May 15, 2025Updated 9 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Apr 13, 2025Updated 10 months ago
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- ROP-based sleep obfuscation to evade memory scanners☆376Jun 22, 2025Updated 8 months ago
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆47May 22, 2024Updated last year
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago