This repo contains PoCs for vulnerable Windows drivers.
☆130Dec 20, 2025Updated 2 months ago
Alternatives and similar repositories for WinDriver-EXP
Users that are interested in WinDriver-EXP are comparing it to the libraries listed below
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev"☆14Mar 31, 2025Updated 11 months ago
- ShootCutMe, an .LNK file creator tool for red teamers☆16Oct 2, 2024Updated last year
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Dec 17, 2025Updated 2 months ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated 2 months ago
- Exploit for CVE-2024-29847☆18Sep 15, 2024Updated last year
- hijacks the discord overlay and draws imgui inside of it while remaining flagless due to the discord overlay devs being retarded☆18Apr 29, 2025Updated 10 months ago
- Command Augmentation support for BOFs and .NET assemblies across agents☆40Feb 17, 2026Updated 2 weeks ago
- ☆47Dec 28, 2025Updated 2 months ago
- Terms of Use Conditional Access M365 Evilginx Phishlet☆44Jun 23, 2025Updated 8 months ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆23Jun 16, 2024Updated last year
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆137Mar 3, 2025Updated last year
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- Resolve offsets, gadgets and symbols from NTKernel☆56Jan 15, 2026Updated last month
- Bulk indicator VirusTotal lookups supporting file hashes, domains and IPs.☆12May 28, 2025Updated 9 months ago
- ☆16Updated this week
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- This repo contains useful scripts that AI created for me which I would have been too lazy for☆92Feb 22, 2026Updated last week
- The command prompt has been disabled by your administrator☆42May 18, 2023Updated 2 years ago
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆85Oct 18, 2024Updated last year
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆54May 29, 2024Updated last year
- SQL injection detection engine by tokenizing and syntax analysis, like SQLChop☆10May 8, 2017Updated 8 years ago
- Python Script to quickly check if a host is running NetScaler Gateway and/or AAA☆12Jul 27, 2023Updated 2 years ago
- IOCTL++ can be used to make DeviceIoControl requests with arbitrary inputs.☆35Oct 28, 2025Updated 4 months ago
- A stager and implant that executes remote Web Assembly☆37Feb 4, 2026Updated 3 weeks ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Feb 29, 2024Updated 2 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- ☆89Jul 18, 2023Updated 2 years ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆298Jul 31, 2024Updated last year
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Dump the memory of any PPL with a Userland exploit chain☆350Mar 17, 2023Updated 2 years ago
- ☆88Aug 16, 2025Updated 6 months ago
- A C# implementation of dumping credentials from Windows Credential Manager☆62Sep 23, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 10 months ago
- easy dll proxying in go☆14Apr 24, 2022Updated 3 years ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- Misery Loader to bypass modern EDR solutions☆18Dec 20, 2024Updated last year
- ☆21Feb 18, 2025Updated last year
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month