☆194Jul 29, 2024Updated last year
Alternatives and similar repositories for ItsNotASecurityBoundary
Users that are interested in ItsNotASecurityBoundary are comparing it to the libraries listed below
Sorting:
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆360Aug 11, 2024Updated last year
- ☆202May 29, 2024Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆137Aug 10, 2024Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆84Dec 21, 2022Updated 3 years ago
- PoC Implementation of a fully dynamic call stack spoofer☆921Jul 20, 2024Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆59Sep 7, 2024Updated last year
- ☆147Oct 29, 2024Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆77Nov 11, 2024Updated last year
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆100Jan 3, 2026Updated 2 months ago
- ☆564Feb 22, 2024Updated 2 years ago
- Process injection alternative☆406Sep 6, 2024Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆269Aug 31, 2022Updated 3 years ago
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities☆701Oct 26, 2024Updated last year
- ☆63May 31, 2024Updated last year
- ☆86Jan 21, 2025Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆47May 22, 2024Updated last year
- ☆208Apr 5, 2022Updated 3 years ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆228Apr 12, 2025Updated 10 months ago
- Exploitable drivers, you know what I mean☆152Nov 16, 2025Updated 3 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆299Jul 31, 2024Updated last year
- Position-independent Reflective Loader for macOS☆119Feb 19, 2026Updated 2 weeks ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆253Oct 26, 2024Updated last year
- Exploit POC for CVE-2024-36877☆48Aug 14, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆370Apr 19, 2023Updated 2 years ago
- ☆126Sep 1, 2024Updated last year
- PoCs for Kernelmode rootkit techniques research.☆432Nov 4, 2025Updated 4 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- ☆146Mar 29, 2025Updated 11 months ago
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆203Jun 6, 2024Updated last year
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆558Apr 8, 2025Updated 11 months ago
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)☆79Sep 29, 2024Updated last year
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆591Aug 2, 2025Updated 7 months ago
- a tool used to analyze and monitor in named pipes☆194Oct 27, 2024Updated last year