Weaponizing Gigabyte driver for priv escalation and bypass PPL
☆71Jun 30, 2019Updated 6 years ago
Alternatives and similar repositories for DanSpecial
Users that are interested in DanSpecial are comparing it to the libraries listed below
Sorting:
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- x86/x64 dll injector☆31May 17, 2022Updated 3 years ago
- A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.☆27Jan 7, 2020Updated 6 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Shellcode injection using debugging APIs☆19Jan 13, 2014Updated 12 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Process reimaging proof of concept code☆97Jun 21, 2019Updated 6 years ago
- Analyze Windows x64 Kernel Memory Layout☆130Nov 19, 2020Updated 5 years ago
- ☆21Sep 6, 2018Updated 7 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆109Apr 24, 2020Updated 5 years ago
- Hooking kernel functions by abusing alignment☆248Jan 5, 2021Updated 5 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Apr 7, 2018Updated 7 years ago
- "Screwed Drivers" centralized information source for code references, links, etc.☆372Mar 19, 2020Updated 5 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Jun 21, 2020Updated 5 years ago
- Communication via callback☆73Oct 9, 2019Updated 6 years ago
- Reverse engineered source code of the autochk rootkit☆210Nov 1, 2019Updated 6 years ago
- Microsoft decompiled IrDA drivers☆16Apr 15, 2015Updated 10 years ago
- ☆10Aug 16, 2019Updated 6 years ago
- C++ Code+Data Obfuscation Library with Build-Time Polymorphism☆109Mar 8, 2018Updated 8 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Dec 10, 2018Updated 7 years ago
- ☆31Jul 27, 2020Updated 5 years ago
- A collection of various vulnerable (mostly physical memory exposing) drivers.☆450Jun 15, 2022Updated 3 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 4 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- Run some secret code invisible from debugger single step.(x86 process on x64 windows only)☆25Mar 13, 2020Updated 5 years ago
- Quarantine bypass and RCE vulnerability in Sketch (proof-of-concept)☆13Nov 22, 2021Updated 4 years ago
- x86/x64 architecture plugin☆40Mar 7, 2024Updated 2 years ago
- A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a…☆33Jul 12, 2016Updated 9 years ago
- Global DLL injector☆71May 16, 2021Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆65Jun 19, 2019Updated 6 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Jul 8, 2022Updated 3 years ago
- pass game protect☆12Apr 26, 2014Updated 11 years ago
- A small bypass for BattlEye's integrity checks on all mono games. This should be used as POC and as a learning material only.☆13Apr 25, 2020Updated 5 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆13Jan 1, 2023Updated 3 years ago