jsacco / ioctlplusplus
IOCTL++ can be used to make DeviceIoControl requests with arbitrary inputs.
☆34 Updated 3 months ago
Alternatives and similar repositories for ioctlplusplus
Users that are interested in ioctlplusplus are comparing it to the libraries listed below
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation ☆34 Updated last year
- This exploit uses the PEB walk technique to resolve API calls dynamically and obfuscates all API calls to perform process injection. ☆25 Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0. ☆73 Updated 9 months ago
- Windows LPE Nday ☆32 Updated last year
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver ☆50 Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique. ☆57 Updated last year
- Usermode NT Explorer - Query kernel addresses, translate virtual to physical addresses, inspect the PFN database, and more. ☆68 Updated last week
- Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution) ☆56 Updated 7 months ago
- Windows x64 kernel mode rootkit process hollowing POC. ☆189 Updated 2 years ago
- Finding Truth in the Shadows ☆120 Updated 3 years ago
- A series of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W ☆116 Updated 3 months ago
- This repo contains EXPs about Vulnerable Windows Driver ☆47 Updated last year
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a… ☆92 Updated 7 months ago
- ☆52 Updated 10 months ago
- Exploitable drivers, you know what I mean ☆153 Updated 2 months ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1 ☆71 Updated 5 months ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 Updated 2 years ago
- ☆35 Updated 2 years ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel ☆43 Updated 2 years ago
- A PoC of a privilege escalation vulnerability in the Realtek rtkio64 Windows driver. ☆20 Updated 5 years ago
- kernel-mode DLL Injector ☆125 Updated 9 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis) ☆28 Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added. ☆78 Updated 10 months ago
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation. ☆53 Updated 8 months ago
- An example of how to use Microsoft Windows Warbird technology ☆91 Updated 2 years ago
- This repo contains PoCs for vulnerable Windows drivers. ☆118 Updated last month
- Research of modifying exported function names at runtime (C/C++, Windows) ☆18 Updated last year
- Ryūjin Protector - Is an Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool ☆300 Updated 2 months ago
- A few examples of how to trap virtual memory access on Windows. ☆39 Updated last year
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems. ☆67 Updated 2 months ago