gabriellandau / ItsNotASecurityBoundaryView external linksLinks
☆192Jul 29, 2024Updated last year
Alternatives and similar repositories for ItsNotASecurityBoundary
Users that are interested in ItsNotASecurityBoundary are comparing it to the libraries listed below
Sorting:
- A set of programs for analyzing common vulnerabilities in COM☆245Sep 8, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆358Aug 11, 2024Updated last year
- ☆200May 29, 2024Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆136Aug 10, 2024Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆79Dec 21, 2022Updated 3 years ago
- PoC Implementation of a fully dynamic call stack spoofer☆901Jul 20, 2024Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆58Sep 7, 2024Updated last year
- ☆147Oct 29, 2024Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆76Nov 11, 2024Updated last year
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆100Jan 3, 2026Updated last month
- ☆563Feb 22, 2024Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆265Aug 31, 2022Updated 3 years ago
- Process injection alternative☆404Sep 6, 2024Updated last year
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities☆696Oct 26, 2024Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Aug 5, 2024Updated last year
- ☆64May 31, 2024Updated last year
- ☆86Jan 21, 2025Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆47May 22, 2024Updated last year
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆226Apr 12, 2025Updated 10 months ago
- ☆206Apr 5, 2022Updated 3 years ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆296Jul 31, 2024Updated last year
- Exploitable drivers, you know what I mean☆153Nov 16, 2025Updated 2 months ago
- .NET assembly loader with patchless AMSI and ETW bypass☆366Apr 19, 2023Updated 2 years ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆253Oct 26, 2024Updated last year
- Exploit POC for CVE-2024-36877☆48Aug 14, 2024Updated last year
- ☆126Sep 1, 2024Updated last year
- ☆145Mar 29, 2025Updated 10 months ago
- PoCs for Kernelmode rootkit techniques research.☆429Nov 4, 2025Updated 3 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆167May 30, 2024Updated last year
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆201Jun 6, 2024Updated last year
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆549Apr 8, 2025Updated 10 months ago
- ☆102Sep 5, 2024Updated last year
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- Mentally ill EtwTi parser☆66Jan 11, 2026Updated last month
- Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)☆79Sep 29, 2024Updated last year
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆587Aug 2, 2025Updated 6 months ago
- a tool used to analyze and monitor in named pipes☆193Oct 27, 2024Updated last year