jthuraisamy/DIRT external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jthuraisamy/DIRT

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jthuraisamy/DIRT)

Close

jthuraisamy / DIRTView on GitHubMore

• External links
• Readme badge

Driver Initial Reconnaissance Tool

☆125Dec 26, 2019Updated 6 years ago

Alternatives and similar repositories for DIRT

Users that are interested in DIRT are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jthuraisamy / ioctlpus

  View on GitHub
  ☆128Sep 14, 2020Updated 5 years ago
• jthuraisamy / av-fingerprints

  View on GitHub
  Antivirus Emulator Fingerprints
  ☆30Oct 12, 2018Updated 7 years ago
• Crypt0s / Ampulex

  View on GitHub
  A fork of https://github.com/SafeBreach-Labs/pinjectra with a practical implementation of Stack Bombing
  ☆27Oct 22, 2020Updated 5 years ago
• LloydLabs / dearg-thread-ipc-stealth

  View on GitHub
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆116Feb 27, 2021Updated 5 years ago
• zer0mem / VadScanner

  View on GitHub
  PoC of BOOST-ed _EPROCESS.VadRoot iterating
  ☆27May 21, 2014Updated 11 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• passthehashbrowns / hook-integrity-checks

  View on GitHub
  ☆23May 28, 2021Updated 4 years ago
• dalerkd / NT_OS

  View on GitHub
  ☆12May 1, 2018Updated 7 years ago
• FSecureLABS / win_driver_plugin

  View on GitHub
  A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
  ☆440Aug 22, 2018Updated 7 years ago
• AzAgarampur / CorsairLLeak

  View on GitHub
  Corsair LL Access driver abuse
  ☆23Apr 16, 2021Updated 5 years ago
• 9176324 / Daat

  View on GitHub
  a simple intel vt code both support x86 & x64. PatchGuard monitor.
  ☆78Oct 28, 2021Updated 4 years ago
• DownWithUp / DynamicKernelShellcode

  View on GitHub
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆105May 14, 2020Updated 5 years ago
• IgorKorkin / AllMemPro

  View on GitHub
  AllMemPro
  ☆46Jan 15, 2018Updated 8 years ago
• imugee / pegasus

  View on GitHub
  reverse engineering extension plugin for windbg
  ☆121Sep 30, 2019Updated 6 years ago
• jackullrich / Windows-API-Fuzzer

  View on GitHub
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆99Jul 7, 2020Updated 5 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Professor-plum / Reflective-Driver-Loader

  View on GitHub
  ☆407Mar 1, 2017Updated 9 years ago
• Microwave89 / createuserprocess

  View on GitHub
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆89Nov 9, 2015Updated 10 years ago
• koutto / ioctlbf

  View on GitHub
  Windows Kernel Drivers fuzzer
  ☆377Mar 15, 2017Updated 9 years ago
• X-C3LL / wfp-reader

  View on GitHub
  Proof of concept - Covert Channel using Windows Filtering Platform (C#)
  ☆21Aug 29, 2021Updated 4 years ago
• lawiet47 / STFUEDR

  View on GitHub
  Silence EDRs by removing kernel callbacks
  ☆239Dec 7, 2020Updated 5 years ago
• blaquee / APCHook

  View on GitHub
  hooking KiUserApcDispatcher
  ☆27Apr 3, 2017Updated 9 years ago
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆242Nov 6, 2019Updated 6 years ago
• jthuraisamy / TelemetrySourcerer

  View on GitHub
  Enumerate and disable common sources of telemetry used by AV/EDR.
  ☆847Mar 11, 2021Updated 5 years ago
• xpn / RpcEnum

  View on GitHub
  An command-line RPC method enumerator, born out of RPCView's awesomeness
  ☆108Jul 31, 2019Updated 6 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• 0xcpu / winsmsd

  View on GitHub
  Windows (ShadowMove) Socket Duplication
  ☆88Apr 19, 2020Updated 6 years ago
• hlldz / APC-PPID

  View on GitHub
  Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
  ☆157Jun 10, 2019Updated 6 years ago
• rxwx / cs-rdll-ipc-example

  View on GitHub
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆121Jun 24, 2020Updated 5 years ago
• hfiref0x / Stryker

  View on GitHub
  Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
  ☆112Feb 25, 2018Updated 8 years ago
• honorarybot / PulseDbg

  View on GitHub
  Hypervisor-based debugger
  ☆191Dec 2, 2020Updated 5 years ago
• AlephNull314 / AbsoluteZero

  View on GitHub
  Anti-AV compilation
  ☆44Oct 4, 2013Updated 12 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads

  View on GitHub
  NT AUTHORITY\SYSTEM
  ☆44Jul 8, 2020Updated 5 years ago
• nccgroup / DriverBuddy

  View on GitHub
  DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
  ☆375Jan 8, 2020Updated 6 years ago
• daem0nc0re / HEVD-CSharpKernelPwn

  View on GitHub
  CSharp Writeups for HackSys Extreme Vulnerable Driver
  ☆45Dec 22, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 6 years ago
• moloch-- / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆33Dec 14, 2021Updated 4 years ago
• OmerYa / ROP-From-Zero-to-Nation-State-In-25-Minutes

  View on GitHub
  Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
  ☆16Sep 4, 2020Updated 5 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher

  View on GitHub
  Universal Unhooking
  ☆325Sep 19, 2018Updated 7 years ago
• leoloobeek / keyring

  View on GitHub
  Proper Payload Protection Prevents Poor Performance
  ☆75Jul 27, 2022Updated 3 years ago
• NtRaiseHardError / Antimalware-Research

  View on GitHub
  Research on Anti-malware and other related security solutions
  ☆263Jul 25, 2020Updated 5 years ago
• repnz / autochk-rootkit

  View on GitHub
  Reverse engineered source code of the autochk rootkit
  ☆211Nov 1, 2019Updated 6 years ago