Repository of Microsoft Driver Block Lists based off of OS-builds
☆43Apr 14, 2024Updated last year
Alternatives and similar repositories for MSFT_DriverBlockList
Users that are interested in MSFT_DriverBlockList are comparing it to the libraries listed below
Sorting:
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- remem is a C++ library designed for memory manipulation, function calling, and pattern scanning. It supports various calling conventions,…☆10Aug 23, 2024Updated last year
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆50Jul 10, 2023Updated 2 years ago
- ☆25Apr 28, 2024Updated last year
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆20Sep 22, 2021Updated 4 years ago
- 正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令☆17Nov 30, 2024Updated last year
- Microsoft Edge Microsoft Edge主页算法☆20Apr 15, 2019Updated 6 years ago
- ☆36May 27, 2024Updated last year
- Admin to Kernel code execution using the KSecDD driver☆265Apr 19, 2024Updated last year
- ☆64May 31, 2024Updated last year
- ☆14Mar 8, 2019Updated 6 years ago
- A simple tool for enumerating dynamic endpoints on a DCE/RPC remote or local endpoint mapper.☆15Oct 9, 2020Updated 5 years ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year
- Recreation of Lode Runner The Legend Returns☆14Feb 13, 2020Updated 6 years ago
- Example of building an application verifer DLL☆51Jun 1, 2024Updated last year
- ☆17Oct 31, 2022Updated 3 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- 基于WFP的小型网络过滤驱动,拦截百度的DNS,感谢公司前辈们的思路与指导。☆14Aug 19, 2021Updated 4 years ago
- Analysing and defeating PatchGuard universally☆36Nov 4, 2020Updated 5 years ago
- Beacon Object File (BOF) for remote process injection via thread hijacking☆220Jan 13, 2021Updated 5 years ago
- ☆82Apr 9, 2024Updated last year
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆110Mar 25, 2024Updated last year
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- Patching "signtool.exe" to accept expired certificates for code-signing.☆340Feb 2, 2026Updated last month
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆49Nov 2, 2025Updated 4 months ago
- ☆19Jul 20, 2015Updated 10 years ago
- Calling the undocumented DPAPI RPC interface directly, no more calling public CryptUnprotectData!☆75Feb 4, 2026Updated last month
- Local Privilege Escalation Affecting Millions of Gaming Laptops☆61Jan 19, 2026Updated last month
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 8 months ago
- ☆22Oct 18, 2023Updated 2 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Exploiting the KsecDD Windows driver through Server Silos☆77Nov 11, 2024Updated last year