Alternatives and similar repositories for AV_Kernel_Vulns:

Users that are interested in AV_Kernel_Vulns are comparing it to the libraries listed below

• IOActive / I-know-where-your-page-lives
  I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016
  ☆163Updated 8 years ago
• MortenSchenk / BHUSA2017
  Content from presentation at BHUSA 2017
  ☆180Updated 7 years ago
• Rootkitsmm-zz / Win32k-Fuzzer
  Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )
  ☆132Updated 9 years ago
• sensepost / gdi-palettes-exp
  DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects
  ☆145Updated 7 years ago
• saaramar / execve_exploit
  Hardcore corruption of my execve() vulnerability in WSL
  ☆214Updated 7 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆184Updated 7 years ago
• FSecureLABS / win_driver_plugin
  A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
  ☆428Updated 6 years ago
• tinysec / public
  my public code
  ☆166Updated 8 years ago
• tyranid / windows-logical-eop-workshop
  ☆231Updated 7 years ago
• tinysec / vulnerability
  windows kernel vulnerability found by me
  ☆91Updated 7 years ago
• cbayet / Exploit-CVE-2017-6008
  Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.
  ☆116Updated 4 months ago
• GradiusX / HEVD-Python-Solutions
  Python solutions for the HackSysTeam Extreme Vulnerable Driver
  ☆151Updated 3 years ago
• bruce30262 / TWindbg
  PEDA-like debugger UI for WinDbg
  ☆202Updated 11 months ago
• tinysec / windows-syscall-table
  windows syscall table from xp ~ 10 rs4
  ☆352Updated 6 years ago
• can1357 / CVE-2018-8897
  Arbitrary code execution with kernel privileges using CVE-2018-8897.
  ☆410Updated 6 years ago
• Cr4sh / ioctlfuzzer
  Automatically exported from code.google.com/p/ioctlfuzzer
  ☆159Updated 9 years ago
• tyranid / IE11SandboxEscapes
  Some example source code for fixed IE11 sandbox escapes.
  ☆140Updated 10 years ago
• nmulasmajic / syscall_exploit_CVE-2018-8897
  Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).
  ☆116Updated 6 years ago
• sam-b / windows_kernel_resources
  Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
  ☆389Updated 5 years ago
• Darkabode / zerokit
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆182Updated 5 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆184Updated 7 years ago
• ixty / xarch_shellcode
  Cross Architecture Shellcode in C
  ☆200Updated 8 years ago
• 0xAlexei / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆293Updated 6 years ago
• ivildeed / vmw_vmx_overloader
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆135Updated 7 years ago
• orppra / ropa
  GUI tool to create ROP chains using the ropper API
  ☆156Updated 6 years ago
• BreakingMalware / Selfie
  A Tool to Unpack Self-Modifying Code using DynamoRIO
  ☆141Updated 7 years ago
• HexHive / malWASH
  ☆113Updated 8 years ago
• corelan / win10_heap
  Collection of VC++ example applications to demonstrate Win10 userland heap behavior (BEA & FEA)
  ☆84Updated 8 years ago
• Phat3 / PINdemonium
  A pintool in order to unpack malware
  ☆232Updated 8 years ago
• saaramar / Deterministic_LFH
  Have fun with the LowFragmentationHeap
  ☆235Updated 4 years ago