aiooord / rostam-e-dastan
Ai000-Rostam (Codename: Ritchie Blackmoore) is a penetration testing tool for Windows infrastructure that has been developed by Ai000 Cybernetic QLab as an offensive research project. It can be used in red-teaming projects and penetration testing of Active Directory-based environments.
☆11 · Updated last year
Alternatives and similar repositories for rostam-e-dastan
Users that are interested in rostam-e-dastan are comparing it to the libraries listed below
- ☆16 · Updated 5 months ago
- PoCs for kernel-mode rootkit techniques research. ☆375 · Updated 4 months ago
- PoC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY. ☆193 · Updated last month
- IDA Pro plugin for query-based searching within the binary, useful mainly for vulnerability research. ☆617 · Updated 3 weeks ago
- An intuitive query API for IDA Pro. ☆157 · Updated 2 months ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV… ☆228 · Updated 2 years ago
- Proof of concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆222 · Updated 7 months ago
- Experimental Windows x64 kernel rootkit with anti-rootkit evasion features. ☆537 · Updated last month
- CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code. ☆344 · Updated 11 months ago
- Obfuscator-LLVM control flow flattening deobfuscator. ☆151 · Updated last month
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆289 · Updated last year
- Exploit Development - Weaponized Exploits and Proofs of Concept (PoC). ☆222 · Updated last year
- Examples of leaking kernel-mode information from user mode on Windows. ☆604 · Updated 7 years ago
- IDA/Binary Ninja plugin to automatically identify and set enums for standard functions. ☆428 · Updated last week
- A list of excellent resources for anyone to deepen their understanding of Windows kernel exploitation and general low-level … ☆144 · Updated 2 years ago
- Yet another variant of Process Hollowing. ☆397 · Updated 4 months ago
- Some PoCs for my BYOVD research and finding some vulnerable drivers. ☆229 · Updated last week
- GhostWriting injection technique. ☆175 · Updated 7 years ago
- Post-exploitation technique to turn an arbitrary kernel write / increment into a full read/write primitive on Windows 11 22H2. ☆227 · Updated 2 years ago
- Kernel Exploits. ☆253 · Updated 3 years ago
- Automatically identify and extract potential anti-debugging techniques used by malware. ☆157 · Updated 6 months ago
- Files for the packer tutorial. ☆72 · Updated 4 years ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows kernel driver reverse engineering tasks. ☆361 · Updated 7 months ago
- HashDB API hash lookup plugin for IDA Pro. ☆319 · Updated last week
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod-proof, has ability to bypa… ☆252 · Updated last year
- VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan… ☆13 · Updated 2 months ago
- Windows Kernel Pool (clfs.sys) corruption privilege escalation. ☆127 · Updated last year
- Reverse engineering the WinAPI function LoadLibrary. ☆197 · Updated 2 years ago
- Windows Pwnable Study. ☆353 · Updated 4 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers. ☆566 · Updated 2 years ago