forrest-orr / ExploitDev

Related projects ⓘ

Alternatives and complementary repositories for ExploitDev

• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆58Updated 2 years ago
• LloydLabs / process-enumeration-stealth
  ☆76Updated 2 months ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆61Updated 2 years ago
• passthehashbrowns / suspendedunhook
  ☆37Updated 3 years ago
• boku7 / HellsGatePPID
  Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process
  ☆97Updated last year
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• SolomonSklash / UnhookingPOC
  A small commented POC for removing API hooks placed by AV/EDR.
  ☆33Updated 4 years ago
• crummie5 / Freshycalls_PoC
  A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯
  ☆39Updated 3 years ago
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆62Updated 2 years ago
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆57Updated this week
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 4 years ago
• uf0o / windows-ps-callbacks-experiments
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆67Updated 2 years ago
• realoriginal / foliage
  A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code
  ☆39Updated 2 months ago
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆32Updated 2 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆37Updated last year
• N4kedTurtle / LocalDllParse
  ☆54Updated 3 years ago
• leoloobeek / COMRunner
  A simple COM server which provides a component to run shellcode
  ☆132Updated 4 years ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated last year
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆53Updated 2 years ago
• connormcgarr / An-Intro-2-Win-ED
  "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …
  ☆39Updated 4 years ago
• yoavshah / ImportlessApi
  ☆18Updated 11 months ago
• zimnyaa / LEOPARDSEAL
  A simple Linux in-memory .so loader
  ☆26Updated last year
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆110Updated 3 years ago
• RedTeamOperations / VEH-PoC
  ☆106Updated last year