PoC for breaking hypervisor ASLR using branch target buffer collisions (☆168, Sep 24, 2016, updated 9 years ago)
Alternatives and similar repositories for mario_baslr
Users that are interested in mario_baslr are comparing it to the libraries listed below
- The DrK Attack - Proof of concept (☆347, Mar 13, 2022, updated 3 years ago)
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization (☆145, Jul 22, 2016, updated 9 years ago)
- Patching Flash binary to stop Flash exploits and zero-days (☆62, Apr 18, 2017, updated 8 years ago)
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys (Heap based) (☆138, Nov 28, 2015, updated 10 years ago)
- Grep-like WinDbg extension (☆45, Apr 7, 2017, updated 8 years ago)
- (no description) (☆63, Apr 13, 2017, updated 8 years ago)
- CVE-2017-5689 Proof-of-Concept exploit (☆57, Jul 27, 2017, updated 8 years ago)
- Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis (☆41, Sep 12, 2016, updated 9 years ago)
- Lists work items being queued currently. (☆14, Jun 7, 2015, updated 10 years ago)
- Agent installed on node to launch IDA, BinDiff, ... and send results to the server (AutoDiffWeb) (☆10, Mar 25, 2016, updated 9 years ago)
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016 (☆172, Dec 7, 2016, updated 9 years ago)
- Diff tool for comparing export tables in PE images (☆24, Mar 4, 2020, updated 6 years ago)
- A public-domain C header file for x86 MSR (Model Specific Register) addresses, and a naive generator of it. (☆14, Dec 17, 2017, updated 8 years ago)
- aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches. (☆172, Jan 27, 2015, updated 11 years ago)
- Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection (☆82, Mar 22, 2017, updated 8 years ago)
- DerbyCon 2017 Presentation VMware Escapology: How to Houdini the Hypervisor (☆58, Nov 28, 2017, updated 8 years ago)
- A branch-monitor-based solution for process monitoring. (☆138, Feb 9, 2020, updated 6 years ago)
- Internet Explorer Exploit with CFG bypass for Windows 10 (☆59, Jan 11, 2017, updated 9 years ago)
- SymGDB - symbolic execution plugin for gdb (☆218, May 15, 2018, updated 7 years ago)
- Writing PoC for fun and to educate people to take security seriously ;-) (☆142, Dec 31, 2018, updated 7 years ago)
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw (☆141, Apr 4, 2017, updated 8 years ago)
- capstone based disassembler for extracting to binnavi (☆229, Jun 8, 2016, updated 9 years ago)
- Simple library to spray the Windows Kernel Pool (☆110, Jan 6, 2020, updated 6 years ago)
- (no description) (☆10, Aug 13, 2015, updated 10 years ago)
- implementation of some concepts in Security and Exploiting (☆13, Aug 24, 2015, updated 10 years ago)
- TLB splitting module for the Bareflank Hypervisor. (☆12, Sep 23, 2018, updated 7 years ago)
- Misc PoCs for various research topics (☆21, Sep 28, 2022, updated 3 years ago)
- A linux system call fuzzer using TriforceAFL (☆177, Feb 28, 2024, updated 2 years ago)
- This framework is for fuzzing OSX kernel vulnerabilities based on a passive inline hook mechanism in kernel mode. (☆229, Oct 18, 2017, updated 8 years ago)
- Automated Exploit generation with WinDBG (☆190, Oct 18, 2016, updated 9 years ago)
- (no description) (☆39, Oct 21, 2016, updated 9 years ago)
- (no description) (☆30, May 23, 2017, updated 8 years ago)
- Slides and very basic examples (☆112, May 17, 2017, updated 8 years ago)
- Uncovering Class Hierarchies in C++ Programs (☆127, Sep 16, 2022, updated 3 years ago)
- Reverse Engineering Page Table Caches in Your Processor (☆374, May 5, 2021, updated 4 years ago)
- Exploitation techniques to bypass Clang CFI when applied to Chromium (☆114, Mar 5, 2018, updated 8 years ago)
- Automatically exported from code.google.com/p/kemufuzzer (☆26, Mar 17, 2015, updated 10 years ago)
- (no description) (☆85, Apr 17, 2020, updated 5 years ago)
- (no description) (☆14, Jun 30, 2015, updated 10 years ago)