dro / uac-launchinf-poc
Windows 10 UAC bypass PoC using LaunchInfSection
☆34Updated 6 years ago
Alternatives and similar repositories for uac-launchinf-poc:
Users that are interested in uac-launchinf-poc are comparing it to the libraries listed below
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 7 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 8 months ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 7 years ago
- ☆45Updated 4 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Updated 7 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆50Updated 6 years ago
- ☆16Updated 5 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 12 years ago
- Slides of 44Con 2018☆21Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆58Updated 5 years ago
- AllMemPro☆43Updated 7 years ago
- Polymorphic Stub Creator☆32Updated 7 years ago
- reversed emet tool☆24Updated 12 years ago
- Control Flow Guard bypass using LoadLibrary and IsBadCodePtr☆45Updated 8 years ago
- ntoskrnl symbol pdb and undocument structures☆25Updated 7 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- ☆14Updated 7 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆31Updated 7 years ago
- ☆19Updated 5 years ago
- reverse win7 32bit hotpatch implement☆9Updated 11 years ago
- Code injection via delay load libraries☆34Updated 7 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- User-mode hook bypassing method☆33Updated 8 years ago