aaaddress1 / winInject101Links
Windows Injection 101: from Zero to ROP (HITCON 2017)
☆28Updated 7 years ago
Alternatives and similar repositories for winInject101
Users that are interested in winInject101 are comparing it to the libraries listed below
Sorting:
- Resources from my journey into Windows binary exploitation☆22Updated 6 years ago
- ☆22Updated 4 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆44Updated 6 years ago
- Kernel mode windows NT API logger☆22Updated 5 years ago
- Example for PagedOut!☆25Updated 5 years ago
- A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…☆18Updated 7 years ago
- ☆31Updated 4 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- ☆46Updated 4 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.☆49Updated 4 years ago
- Remote PE reflective injection with a simple reflective loader☆31Updated 6 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆35Updated 10 years ago
- ☆21Updated 4 years ago
- ☆36Updated 6 years ago
- My conference presentations and publications☆26Updated 3 years ago
- Analysis of VBS exploit CVE-2018-8174☆31Updated 6 years ago
- Execute an arbitrary command within the context of another process☆20Updated 6 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Updated 5 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆98Updated 4 years ago
- ☆45Updated 7 years ago
- ☆25Updated 6 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 4 years ago
- ☆11Updated 2 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Updated 6 years ago
- ☆24Updated 3 years ago
- POC For CVE-2022-24483☆14Updated 3 years ago
- Code injection via delay load libraries☆35Updated 7 years ago