jonaslyk / exploitkitpub
☆95Updated 3 years ago
Alternatives and similar repositories for exploitkitpub:
Users that are interested in exploitkitpub are comparing it to the libraries listed below
- Admin to Kernel code execution using the KSecDD driver☆245Updated 10 months ago
- Experiment on reproducing Obfuscate & Sleep☆141Updated 4 years ago
- ☆181Updated 2 years ago
- Some of my windows kernel exploits for learning purposes☆122Updated 2 years ago
- ☆70Updated 2 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆241Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆114Updated 8 months ago
- ☆105Updated 8 months ago
- ☆252Updated 2 years ago
- Minifilter Callback Patching Proof-of-Concept☆66Updated 2 years ago
- ☆154Updated 2 years ago
- Recon 2023 slides and code☆79Updated last year
- miscellaneous scripts and programs☆235Updated last month
- a PE Loader and Windows API tracer. Useful in malware analysis.☆138Updated 2 years ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆119Updated last month
- WTSRM☆209Updated 2 years ago
- Writeups for CTF challenges☆30Updated last year
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆220Updated last year
- Static Binary Instrumentation tool for Windows x64 executables☆198Updated last month
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆108Updated 3 years ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆103Updated 6 months ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆97Updated last year
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆225Updated 2 years ago
- CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM☆164Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆244Updated 2 years ago
- ☆158Updated 3 years ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆115Updated this week
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆74Updated 3 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- C# Utilities for Windows Notification Facility☆131Updated 3 months ago