ayoubfaouzi / windows-exploitation
My notes while studying Windows exploitation
☆186Updated last year
Alternatives and similar repositories for windows-exploitation:
Users that are interested in windows-exploitation are comparing it to the libraries listed below
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆141Updated 2 years ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆180Updated 3 years ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆119Updated last year
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆220Updated last year
- A curated list of awesome Windows Exploitation resources, and shiny things.☆73Updated 7 years ago
- Kernel Exploits☆250Updated 3 years ago
- Advanced driver monitoring utility.☆207Updated 2 years ago
- Recon 2023 slides and code☆79Updated last year
- MalUnpack companion driver☆95Updated 9 months ago
- Set of antianalysis techniques found in malware☆129Updated last year
- Important notes and topics on my journey towards mastering Windows Internals☆368Updated 10 months ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- My notes while studying Windows internals☆418Updated 3 months ago
- Windows System Programming Experiments☆219Updated 2 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆225Updated 2 years ago
- WTSRM☆209Updated 2 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆136Updated 2 years ago
- ☆158Updated 3 years ago
- ☆95Updated 3 years ago
- Admin to Kernel code execution using the KSecDD driver☆244Updated 11 months ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆138Updated 2 years ago
- ☆133Updated 2 weeks ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆205Updated 2 years ago
- Source code of exploiting windows API for red teaming series☆148Updated 2 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆172Updated 3 months ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆556Updated 2 years ago
- Yet another variant of Process Hollowing☆384Updated 2 months ago
- A library to develop kernel level Windows payloads for post HVCI era☆395Updated 3 years ago
- A more stealthy variant of "DLL hollowing"☆342Updated last year
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆108Updated 3 years ago