connormcgarr / Kernel-Exploits
Kernel Exploits
☆249Updated 3 years ago
Alternatives and similar repositories for Kernel-Exploits:
Users that are interested in Kernel-Exploits are comparing it to the libraries listed below
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆220Updated last year
- ☆158Updated 3 years ago
- Yet another variant of Process Hollowing☆384Updated last month
- Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)☆465Updated 3 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆216Updated 2 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆172Updated 3 months ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆226Updated 3 months ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆225Updated 2 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆200Updated 4 years ago
- Some of my windows kernel exploits for learning purposes☆122Updated 2 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆325Updated 2 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆198Updated last month
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆120Updated 2 years ago
- Reverse engineered source code of the autochk rootkit☆201Updated 5 years ago
- GhostWriting Injection Technique.☆167Updated 6 years ago
- Yet another windows internals repo☆205Updated 3 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆329Updated 3 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆180Updated 3 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆231Updated 3 years ago
- Phantom DLL hollowing PoC☆357Updated 2 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆215Updated 2 years ago
- PoC capable of detecting manual syscalls from usermode.☆192Updated 4 months ago
- Leaked Windows processes handles identification tool☆284Updated 3 years ago
- ☆299Updated 2 years ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆180Updated 3 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆363Updated 2 years ago
- WTSRM☆209Updated 2 years ago
- Silence EDRs by removing kernel callbacks☆229Updated 4 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆268Updated 3 years ago