Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/
☆41Jul 22, 2021Updated 4 years ago
Alternatives and similar repositories for ExploitDev
Users that are interested in ExploitDev are comparing it to the libraries listed below
Sorting:
- Phantom DLL hollowing PoC☆370May 23, 2022Updated 3 years ago
- Corsair LL Access driver abuse☆24Apr 16, 2021Updated 4 years ago
- ☆27Aug 8, 2021Updated 4 years ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja☆11Jul 24, 2024Updated last year
- A simple C++ driver base with KD data block☆11Jun 25, 2022Updated 3 years ago
- Shellcode execution for memflow☆13Apr 11, 2022Updated 3 years ago
- ☆10Jun 11, 2022Updated 3 years ago
- Freaking Injector is a tool which made for injecting dlls into other processes in Windows x64 systems with bunch of diffrent injection me…☆11Dec 3, 2020Updated 5 years ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆76Nov 12, 2021Updated 4 years ago
- Run Processes as PPL with ELAM☆177Mar 17, 2022Updated 3 years ago
- Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode☆20Sep 1, 2022Updated 3 years ago
- Auditing Hooks for https://github.com/jborean93/PSDetour☆13Apr 29, 2025Updated 10 months ago
- XOR crypt/decrypt using C#☆12Sep 30, 2020Updated 5 years ago
- hooks gServerHandlers xxxEventWndProc☆13May 1, 2022Updated 3 years ago
- ☆12Sep 29, 2021Updated 4 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆64Feb 8, 2022Updated 4 years ago
- Remove API hooks from a Beacon process.☆76Mar 13, 2022Updated 3 years ago
- Repository to place any and all scripts made to solve CTF challenges. Why solve what's already been solved?☆13Nov 12, 2023Updated 2 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- ☆18Nov 24, 2020Updated 5 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16May 26, 2022Updated 3 years ago
- string encryption in Nim☆20Jun 15, 2024Updated last year
- ☆13Jul 15, 2021Updated 4 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆38May 12, 2022Updated 3 years ago
- MalUnpack companion driver☆99Jun 17, 2024Updated last year
- Microsoft365 Device Code Phishing Framework☆39Sep 4, 2021Updated 4 years ago
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆38Jul 15, 2021Updated 4 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆358Sep 1, 2022Updated 3 years ago
- quotes i like.☆17Aug 1, 2019Updated 6 years ago
- ☆14Jan 7, 2022Updated 4 years ago
- Simple PoCs for utilizing Windows syscalls in Go☆16Jan 13, 2021Updated 5 years ago
- Binary Ninja plugin to perform automated analysis of Windows drivers☆20Aug 8, 2019Updated 6 years ago
- Here is a collage of reverse engineering topics that I find interesting☆16Dec 10, 2017Updated 8 years ago
- Subtract one PE file from another!