"Screwed Drivers" centralized information source for code references, links, etc.
☆372Mar 19, 2020Updated 5 years ago
Alternatives and similar repositories for Screwed-Drivers
Users that are interested in Screwed-Drivers are comparing it to the libraries listed below
Sorting:
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆587Jan 24, 2023Updated 3 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆71Jun 30, 2019Updated 6 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆201Sep 13, 2019Updated 6 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆301Apr 10, 2021Updated 4 years ago
- ☆505Aug 14, 2022Updated 3 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- A collection of various vulnerable (mostly physical memory exposing) drivers.☆450Jun 15, 2022Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆674Dec 23, 2022Updated 3 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- Kernel Driver Utility☆2,428Feb 17, 2026Updated 2 weeks ago
- ☆154Jul 31, 2022Updated 3 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆989Dec 4, 2022Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆534Aug 1, 2022Updated 3 years ago
- ☆129Sep 14, 2020Updated 5 years ago
- Driver Initial Reconnaissance Tool☆126Dec 26, 2019Updated 6 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,507Nov 15, 2023Updated 2 years ago
- ☆59Jun 8, 2022Updated 3 years ago
- Phantom DLL hollowing PoC☆371May 23, 2022Updated 3 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,959Feb 24, 2025Updated last year
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- Nim version of MDSec's Parallel Syscall PoC☆124Jan 14, 2022Updated 4 years ago
- Bring your own print driver privilege escalation tool☆260Aug 5, 2021Updated 4 years ago
- Vulnerable driver research tool, result and exploit PoCs☆229Nov 1, 2023Updated 2 years ago
- ☆1,788Aug 30, 2024Updated last year
- A bunch of scripts and code i wrote.☆149Nov 7, 2024Updated last year
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,255Aug 27, 2023Updated 2 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆263Apr 29, 2023Updated 2 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆424Jul 27, 2022Updated 3 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆345Sep 1, 2021Updated 4 years ago
- ☆564Feb 22, 2024Updated 2 years ago
- Run Processes as PPL with ELAM☆177Mar 17, 2022Updated 3 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,186Jul 5, 2023Updated 2 years ago
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆360Mar 2, 2024Updated 2 years ago
- CVE-2020-15368, aka "How to exploit a vulnerable driver"☆508Apr 14, 2022Updated 3 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.☆722Aug 5, 2020Updated 5 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆258Sep 1, 2022Updated 3 years ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆172Aug 1, 2023Updated 2 years ago