gdabah / win32k-bugsLinks
Dump of win32k POCs for bugs I've found
☆375Updated 3 years ago
Alternatives and similar repositories for win32k-bugs
Users that are interested in win32k-bugs are comparing it to the libraries listed below
Sorting:
- Tools for instrumenting Windows Defender's mpengine.dll☆300Updated 6 years ago
- Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.☆322Updated last year
- Examples of leaking Kernel Mode information from User Mode on Windows☆605Updated 7 years ago
- Extract Windows Defender database from vdm files and unpack it☆443Updated this week
- ☆235Updated 7 years ago
- A bunch of JavaScript extensions for WinDbg.☆343Updated 6 months ago
- POC for cve-2019-1458☆175Updated 3 years ago
- Windows Kernel Drivers fuzzer☆349Updated 8 years ago
- Toy scripts for playing with WinDbg JS API☆232Updated 11 months ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆726Updated 7 months ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆435Updated 6 years ago
- A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.☆417Updated 2 months ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.☆364Updated 5 years ago
- Have fun with the LowFragmentationHeap☆241Updated 4 years ago
- Idapython script to carve binary for internal RPC structures☆233Updated last year
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆208Updated 4 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆228Updated 2 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆156Updated 5 years ago
- Checksec, but for Windows: static detection of security mitigations in executables☆591Updated 5 months ago
- Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits☆396Updated 5 years ago
- Research on Windows Kernel Executive Callback Objects☆288Updated 5 years ago
- My personal cheat sheet for using WinDbg for kernel debugging☆423Updated 2 months ago
- collect for learning cases☆585Updated last year
- Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py☆328Updated 2 years ago
- A Binary Ninja plugin for vulnerability research.☆294Updated 9 months ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)☆414Updated last year
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆183Updated 4 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆620Updated 2 years ago
- Quickly debug shellcode extracted during malware analysis☆604Updated 2 years ago