ch3rn0byl / CharonLinks
A UEFI extraction tool
☆18Updated 7 months ago
Alternatives and similar repositories for Charon
Users that are interested in Charon are comparing it to the libraries listed below
Sorting:
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Updated last year
- UEFI bootkit: Hardware Implant. In-Progress☆16Updated 3 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆30Updated 2 years ago
- An example of how to use Microsoft Windows Warbird technology☆28Updated 2 years ago
- ☆14Updated last year
- allowing um r/w through km from um ioctl ™☆11Updated 3 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆29Updated 3 years ago
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535☆24Updated 3 weeks ago
- Report and exploit of CVE-2024-21305.☆36Updated last year
- A few examples of how to trap virtual memory access on Windows.☆31Updated 6 months ago
- ☆20Updated 5 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆30Updated 10 months ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- A Practical example of ELAM (Early Launch Anti-Malware)☆34Updated 3 years ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆38Updated 2 weeks ago
- ☆59Updated 3 years ago
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- ☆12Updated last year
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆35Updated last year
- ☆16Updated 2 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆38Updated 3 years ago
- Example payload for CVE-2022-21894☆14Updated last year
- ☆29Updated 3 years ago
- ☆25Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆105Updated 2 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆55Updated 2 years ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆24Updated 2 years ago
- ☆18Updated 4 years ago