gdabah / win32k-bugsLinks
Dump of win32k POCs for bugs I've found
☆375Updated 3 years ago
Alternatives and similar repositories for win32k-bugs
Users that are interested in win32k-bugs are comparing it to the libraries listed below
Sorting:
- Examples of leaking Kernel Mode information from User Mode on Windows☆604Updated 7 years ago
- Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.☆321Updated last year
- Tools for instrumenting Windows Defender's mpengine.dll☆298Updated 6 years ago
- A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.☆414Updated last month
- ☆235Updated 7 years ago
- A bunch of JavaScript extensions for WinDbg.☆340Updated 6 months ago
- Windows Kernel Drivers fuzzer☆348Updated 8 years ago
- Extract Windows Defender database from vdm files and unpack it☆440Updated 5 years ago
- This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…☆278Updated 5 years ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆723Updated 7 months ago
- Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits☆394Updated 5 years ago
- My personal cheat sheet for using WinDbg for kernel debugging☆420Updated last month
- collect for learning cases☆584Updated 11 months ago
- Idapython script to carve binary for internal RPC structures☆233Updated last year
- POC for cve-2019-1458☆174Updated 3 years ago
- Toy scripts for playing with WinDbg JS API☆228Updated 10 months ago
- Checksec, but for Windows: static detection of security mitigations in executables☆590Updated 4 months ago
- Have fun with the LowFragmentationHeap☆240Updated 4 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆228Updated 2 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆156Updated 5 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆434Updated 6 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆208Updated 4 years ago
- ☆790Updated 2 years ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.☆362Updated 5 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- Research on Windows Kernel Executive Callback Objects☆287Updated 5 years ago
- Quickly debug shellcode extracted during malware analysis☆602Updated 2 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆139Updated 2 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 5 years ago
- Windows Kernel Programming☆129Updated 5 years ago