hoangprod/DanSpecial external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hoangprod/DanSpecial

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hoangprod/DanSpecial)

Close

hoangprod / DanSpecialView on GitHubMore

• External links
• Readme badge

Weaponizing Gigabyte driver for priv escalation and bypass PPL

☆70Jun 30, 2019Updated 6 years ago

Alternatives and similar repositories for DanSpecial

Users that are interested in DanSpecial are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• tsarpaul / RpcEnumIDA

  View on GitHub
  XPN's RpcEnum but based on IDA instead of Ghidra
  ☆21Aug 17, 2019Updated 6 years ago
• wolk-1024 / CrossInject

  View on GitHub
  x86/x64 dll injector
  ☆31May 17, 2022Updated 4 years ago
• Rat431 / ColdKernel_KUSER

  View on GitHub
  A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.
  ☆26Jan 7, 2020Updated 6 years ago
• 0xcpu / exthost

  View on GitHub
  A POC for Windows Extension Host hooking
  ☆24Jul 13, 2019Updated 6 years ago
• eclypsium / Screwed-Drivers

  View on GitHub
  "Screwed Drivers" centralized information source for code references, links, etc.
  ☆379Mar 19, 2020Updated 6 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• conix-security / debug_inject

  View on GitHub
  Shellcode injection using debugging APIs
  ☆19Jan 13, 2014Updated 12 years ago
• djhohnstein / ProcessReimaging

  View on GitHub
  Process reimaging proof of concept code
  ☆95Jun 21, 2019Updated 6 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver

  View on GitHub
  exploit termdd.sys(support kb4499175)
  ☆61Jul 15, 2019Updated 6 years ago
• yjugl / mitimon

  View on GitHub
  Monitor ETW events for Windows process mitigation policies, with stack traces
  ☆30Oct 7, 2022Updated 3 years ago
• x-super-rat / x-rat

  View on GitHub
  ☆10Aug 16, 2019Updated 6 years ago
• huoji120 / Etw-Syscall

  View on GitHub
  https://key08.com/index.php/2021/10/19/1375.html
  ☆71May 11, 2022Updated 4 years ago
• maxkray13 / Cvc

  View on GitHub
  Communication via callback
  ☆73Oct 9, 2019Updated 6 years ago
• bb107 / RtlWow64

  View on GitHub
  c++ implementation of windows heavens gate
  ☆70Feb 12, 2021Updated 5 years ago
• andyvand / msirda

  View on GitHub
  Microsoft decompiled IrDA drivers
  ☆16Apr 15, 2015Updated 11 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• yardenshafir / SymlinkCallback

  View on GitHub
  A driver that hooks C: volume using symbolic link callback to track all FS access to the volume
  ☆108Apr 24, 2020Updated 6 years ago
• vmcall / owned_alignment

  View on GitHub
  Hooking kernel functions by abusing alignment
  ☆250Jan 5, 2021Updated 5 years ago
• JaanusKaapPublic / BlogHyperV

  View on GitHub
  Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/
  ☆57Jun 21, 2020Updated 5 years ago
• Speedi13 / NsiAllocateAndGetTable-used-from-GetTcpTableInternal

  View on GitHub
  Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64
  ☆21Apr 7, 2018Updated 8 years ago
• antman1p / PrintTCCdb

  View on GitHub
  JXA script for Mythic that prints the TCC.db
  ☆15Apr 18, 2021Updated 5 years ago
• airbus-cert / etwbreaker

  View on GitHub
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆55Jul 8, 2022Updated 3 years ago
• namazso / physmem_drivers

  View on GitHub
  A collection of various vulnerable (mostly physical memory exposing) drivers.
  ☆473Jun 15, 2022Updated 3 years ago
• repnz / autochk-rootkit

  View on GitHub
  Reverse engineered source code of the autochk rootkit
  ☆212Nov 1, 2019Updated 6 years ago
• zouxianyu / KernelHiddenExecute

  View on GitHub
  Hide codes/data in the kernel address space.
  ☆187May 8, 2021Updated 5 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• xjlzyi / gameplug

  View on GitHub
  pass game protect
  ☆11Apr 26, 2014Updated 12 years ago
• DimopoulosElias / Primitives

  View on GitHub
  ☆31Jul 27, 2020Updated 5 years ago
• zhuhuibeishadiao / PatchGuardResearch

  View on GitHub
  win10 pgContext dynamic dump (btc version)
  ☆115Jan 15, 2020Updated 6 years ago
• FaEryICE / MemScanner

  View on GitHub
  Analyze Windows x64 Kernel Memory Layout
  ☆131Nov 19, 2020Updated 5 years ago
• ChaitanyaHaritash / NIM-Scripts

  View on GitHub
  ☆18Aug 19, 2021Updated 4 years ago
• ITHare / obf

  View on GitHub
  C++ Code+Data Obfuscation Library with Build-Time Polymorphism
  ☆111Mar 8, 2018Updated 8 years ago
• jonpalmisc / CVE-2021-40531

  View on GitHub
  Quarantine bypass and RCE vulnerability in Sketch (proof-of-concept)
  ☆12Nov 22, 2021Updated 4 years ago
• tandasat / CVE-2022-25949

  View on GitHub
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆38Mar 16, 2022Updated 4 years ago
• br-sn / CheekyBlinder

  View on GitHub
  Enumerating and removing kernel callbacks using signed vulnerable drivers
  ☆593Jan 24, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• monoxgas / Koppeling

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding
  ☆819Jul 6, 2020Updated 5 years ago
• palantir / exploitguard

  View on GitHub
  Documentation and supporting script sample for Windows Exploit Guard
  ☆168Sep 8, 2025Updated 9 months ago
• Air14 / KDBGDecryptor

  View on GitHub
  A simple example how to decrypt kernel debugger data block
  ☆32Feb 8, 2021Updated 5 years ago
• anzelesnik / MySyscall

  View on GitHub
  Example of hijacking system calls via function pointer tables
  ☆31Jun 26, 2021Updated 4 years ago
• 0xhido / BlueLight

  View on GitHub
  Open-source EDR kernel-component for system monitoring and DLL injection
  ☆33Nov 14, 2020Updated 5 years ago
• DownWithUp / DynamicKernelShellcode

  View on GitHub
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆103May 14, 2020Updated 6 years ago
• Kara-4search / Fiber_ShellcodeExecution

  View on GitHub
  Using fibers to execute shellcode in a local process via csharp
  ☆26Jan 2, 2022Updated 4 years ago