Simple library to spray the Windows Kernel Pool
☆110Jan 6, 2020Updated 6 years ago
Alternatives and similar repositories for PoolSprayer
Users that are interested in PoolSprayer are comparing it to the libraries listed below
Sorting:
- ☆30May 23, 2017Updated 8 years ago
- DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects☆147Jul 30, 2017Updated 8 years ago
- Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.☆120Nov 6, 2024Updated last year
- Examples of leaking Kernel Mode information from User Mode on Windows☆634Jul 7, 2017Updated 8 years ago
- kernel pool windbg extension☆83Jul 23, 2015Updated 10 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- Minifilter Driver☆15Feb 10, 2017Updated 9 years ago
- ☆41Jul 9, 2020Updated 5 years ago
- ☆63Apr 13, 2017Updated 8 years ago
- analyze the content of the pe file on windows, and shell(pack) function for windows drivers.☆11Nov 9, 2018Updated 7 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Mar 13, 2017Updated 9 years ago
- Windows inject☆17Jun 7, 2018Updated 7 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆214Jul 2, 2020Updated 5 years ago
- ☆22May 25, 2017Updated 8 years ago
- An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit☆82Mar 9, 2017Updated 9 years ago
- A system call tracer☆10Sep 22, 2014Updated 11 years ago
- POC and exploitation of vulnerabilities☆91Mar 22, 2022Updated 3 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits☆415Jan 2, 2020Updated 6 years ago
- Windows SMEP Bypass U=S☆38Apr 8, 2016Updated 9 years ago
- Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow☆92Apr 20, 2017Updated 8 years ago
- A dirty IDAPython script to dump windows system call number/name pairs as JSON☆36Feb 13, 2017Updated 9 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Jan 23, 2018Updated 8 years ago
- windows kernel File redirection☆20Sep 21, 2014Updated 11 years ago
- Load a Windows Kernel Driver☆94Jun 7, 2017Updated 8 years ago
- Decrement Windows Kernel for fun and profit☆39Jan 29, 2018Updated 8 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆139Aug 3, 2017Updated 8 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆259Sep 1, 2022Updated 3 years ago
- an efficient yet easy to use network packet builder and parser☆11Jul 3, 2017Updated 8 years ago
- Content from presentation at BHUSA 2017☆180Jul 27, 2017Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆23May 31, 2017Updated 8 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆172Dec 7, 2016Updated 9 years ago
- ☆10Jul 30, 2017Updated 8 years ago
- ☆91Jul 31, 2019Updated 6 years ago
- Solutions to HackSysExtremeVulnerableDriver challenges though my following of @FuzzySecurity's tutorials plus futher explanations where n…☆22Aug 25, 2017Updated 8 years ago
- A windbg extension, extracting token related contents☆41Dec 23, 2020Updated 5 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆58Oct 23, 2018Updated 7 years ago
- wow64 syscall filter☆13Nov 12, 2014Updated 11 years ago