My notes while studying Windows exploitation
☆193 · Mar 27, 2026 · Updated last month
Alternatives and similar repositories for windows-exploitation
Users that are interested in windows-exploitation are comparing it to the libraries listed below.
- My notes while studying Windows internals ☆460 · Mar 27, 2026 · Updated last month
- Linux kernel internals' notes ☆21 · Feb 12, 2026 · Updated 2 months ago
- Intel / AMD CPU Internals ☆1,191 · Apr 14, 2026 · Updated 2 weeks ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast … ☆41 · Apr 17, 2020 · Updated 6 years ago
- Small driver that uses alternative syscalls feature ☆18 · May 9, 2024 · Updated last year
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆242 · Nov 6, 2019 · Updated 6 years ago
- Analyze Windows x64 Kernel Memory Layout ☆130 · Nov 19, 2020 · Updated 5 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2. ☆21 · May 25, 2021 · Updated 4 years ago
- Kernel Detective ☆154 · Mar 7, 2026 · Updated last month
- Offensive Assembly code snippets. ☆13 · Jul 12, 2023 · Updated 2 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows ☆641 · Jul 7, 2017 · Updated 8 years ago
- The Win32 Anti-Intrusion Library ☆214 · May 30, 2019 · Updated 6 years ago
- This is a collection of interesting codes about Windows Process creation. ☆239 · Jan 12, 2024 · Updated 2 years ago
- createfile ☆50 · Oct 27, 2015 · Updated 10 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆244 · Sep 26, 2023 · Updated 2 years ago
- Various methods of executing shellcode ☆74 · Mar 27, 2023 · Updated 3 years ago
- Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module ☆422 · Sep 9, 2018 · Updated 7 years ago
- Collect different versions of Crucial modules. ☆147 · Jul 11, 2024 · Updated last year
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path. ☆100 · Jun 24, 2021 · Updated 4 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆147 · Feb 23, 2019 · Updated 7 years ago
- Bypassing PatchGuard on modern x64 systems ☆267 · Apr 9, 2023 · Updated 3 years ago
- NASM listing to shellcode converter ☆14 · May 6, 2018 · Updated 7 years ago
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 · May 11, 2023 · Updated 2 years ago
- LDE64 (relocatable) source code ☆103 · Jun 24, 2015 · Updated 10 years ago
- Simple driver to register all available process, thread, image, Registry, and Object callbacks ☆124 · Oct 5, 2017 · Updated 8 years ago
- windows rootkit ☆60 · May 2, 2024 · Updated last year
- Application Verifier Dynamic Fault Injection ☆41 · Jan 12, 2026 · Updated 3 months ago
- Analysing and defeating PatchGuard universally ☆35 · Nov 4, 2020 · Updated 5 years ago
- Intel Virtualization Technology demo ☆72 · Oct 15, 2016 · Updated 9 years ago
- Signtool for expired certificates ☆516 · Jun 10, 2023 · Updated 2 years ago
- Simple program for static hooking dynamic libraries in executable application ☆24 · Jan 15, 2014 · Updated 12 years ago
- Research on Windows Kernel Executive Callback Objects ☆318 · Feb 22, 2020 · Updated 6 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆68 · May 2, 2023 · Updated 2 years ago
- Splitting and executing shellcode across multiple pages ☆104 · Jun 8, 2023 · Updated 2 years ago
- Page fault hook use ept (Intel Virtualization Technology) ☆202 · Oct 19, 2016 · Updated 9 years ago
- Static library and headers for linking your software with ntdll.dll ☆37 · Dec 16, 2019 · Updated 6 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries. ☆79 · Jan 24, 2011 · Updated 15 years ago
- idk man this was the default github name ☆35 · Apr 23, 2023 · Updated 3 years ago
- Win32 and Kernel abusing techniques for pentesters ☆978 · Sep 3, 2023 · Updated 2 years ago