connormcgarr / Kernel-Exploits
Kernel Exploits
☆247Updated 3 years ago
Alternatives and similar repositories for Kernel-Exploits:
Users that are interested in Kernel-Exploits are comparing it to the libraries listed below
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆220Updated last year
- ☆157Updated 3 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆196Updated 2 years ago
- Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)☆463Updated 3 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆224Updated 2 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆229Updated 3 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- Yet another variant of Process Hollowing☆376Updated 3 weeks ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆160Updated 2 months ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆226Updated 2 months ago
- GhostWriting Injection Technique.☆166Updated 6 years ago
- PoC MSVC COFF Object file loader/injector.☆170Updated 3 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆321Updated 2 years ago
- Leaked Windows processes handles identification tool☆282Updated 2 years ago
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆120Updated 2 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆329Updated 3 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆214Updated last year
- Phantom DLL hollowing PoC☆355Updated 2 years ago
- ☆295Updated 2 years ago
- Some of my windows kernel exploits for learning purposes☆122Updated 2 years ago
- ☆294Updated 3 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆74Updated 3 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆196Updated last week
- Silence EDRs by removing kernel callbacks☆227Updated 4 years ago
- ☆131Updated last year
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆199Updated 4 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆179Updated 3 years ago
- WTSRM☆207Updated 2 years ago
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆202Updated last year
- Local privilege escalation PoC exploit for CVE-2019-16098☆193Updated 5 years ago