My notes while studying Windows exploitation
☆193Jul 25, 2023Updated 2 years ago
Alternatives and similar repositories for windows-exploitation
Users that are interested in windows-exploitation are comparing it to the libraries listed below
Sorting:
- My notes while studying Windows internals☆447Dec 9, 2024Updated last year
- Intel / AMD CPU Internals☆1,178Mar 7, 2021Updated 4 years ago
- Analyze Windows x64 Kernel Memory Layout☆129Nov 19, 2020Updated 5 years ago
- This is a collection of interesting codes about Windows Process creation.☆237Jan 12, 2024Updated 2 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆240Nov 6, 2019Updated 6 years ago
- Kernel Detective☆151Aug 12, 2022Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆242Sep 26, 2023Updated 2 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- Small driver that uses alternative syscalls feature (the project is still under development).☆18May 9, 2024Updated last year
- Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module☆421Sep 9, 2018Updated 7 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆633Jul 7, 2017Updated 8 years ago
- Simple driver to register all available process, thread, image, Registry, and Object callbacks☆124Oct 5, 2017Updated 8 years ago
- Bypassing PatchGuard on modern x64 systems☆265Apr 9, 2023Updated 2 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆47Jun 3, 2021Updated 4 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- The Win32 Anti-Intrusion Library☆213May 30, 2019Updated 6 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆41Apr 17, 2020Updated 5 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Jan 24, 2011Updated 15 years ago
- Application Verifier Dynamic Fault Injection☆40Jan 12, 2026Updated last month
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- createfile☆50Oct 27, 2015Updated 10 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Research on Windows Kernel Executive Callback Objects☆315Feb 22, 2020Updated 6 years ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- Tools and PoCs for Windows syscall investigation.☆368Dec 2, 2025Updated 2 months ago
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- Signtool for expired certificates☆515Jun 10, 2023Updated 2 years ago
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆386Jul 6, 2022Updated 3 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Collect different versions of Crucial modules.☆145Jul 11, 2024Updated last year
- ☆146Jan 13, 2021Updated 5 years ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- Page fault hook use ept (Intel Virtualization Technology)☆200Oct 19, 2016Updated 9 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆249Jul 9, 2024Updated last year
- ☆12Jul 2, 2023Updated 2 years ago
- NASM listing to shellcode converter☆14May 6, 2018Updated 7 years ago