connormcgarr / Kernel-Exploits
Kernel Exploits
☆249Updated 3 years ago
Alternatives and similar repositories for Kernel-Exploits:
Users that are interested in Kernel-Exploits are comparing it to the libraries listed below
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆220Updated last year
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆198Updated 2 years ago
- ☆158Updated 3 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆225Updated 2 years ago
- Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)☆463Updated 3 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆198Updated last month
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆225Updated 3 months ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆361Updated 2 years ago
- Yet another variant of Process Hollowing☆383Updated last month
- Code Injection, Inject malicious payload via pagetables pml4.☆231Updated 3 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆170Updated 3 months ago
- Leaked Windows processes handles identification tool☆284Updated 3 years ago
- WTSRM☆209Updated 2 years ago
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆120Updated 2 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆203Updated 2 years ago
- ☆298Updated 2 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- Some of my windows kernel exploits for learning purposes☆122Updated 2 years ago
- ☆95Updated 3 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆179Updated 3 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆201Updated 4 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆551Updated 2 years ago
- A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of m…☆145Updated 2 years ago
- GhostWriting Injection Technique.☆167Updated 6 years ago
- ☆132Updated this week
- PoC capable of detecting manual syscalls from usermode.☆191Updated 3 months ago
- Silence EDRs by removing kernel callbacks☆228Updated 4 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆69Updated 2 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆322Updated 2 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆329Updated 3 years ago