jthuraisamy / DIRTView external linksLinks
Driver Initial Reconnaissance Tool
☆126Dec 26, 2019Updated 6 years ago
Alternatives and similar repositories for DIRT
Users that are interested in DIRT are comparing it to the libraries listed below
Sorting:
- ☆130Sep 14, 2020Updated 5 years ago
- Antivirus Emulator Fingerprints☆30Oct 12, 2018Updated 7 years ago
- A fork of https://github.com/SafeBreach-Labs/pinjectra with a practical implementation of Stack Bombing☆29Oct 22, 2020Updated 5 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆115Feb 27, 2021Updated 4 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆27May 21, 2014Updated 11 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- ☆24May 28, 2021Updated 4 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Jul 7, 2020Updated 5 years ago
- reverse engineering extension plugin for windbg☆120Sep 30, 2019Updated 6 years ago
- Silence EDRs by removing kernel callbacks☆239Dec 7, 2020Updated 5 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆239Nov 6, 2019Updated 6 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆89Nov 9, 2015Updated 10 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- hooking KiUserApcDispatcher☆25Apr 3, 2017Updated 8 years ago
- ☆409Mar 1, 2017Updated 8 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆227Jun 9, 2020Updated 5 years ago
- Proper Payload Protection Prevents Poor Performance☆76Jul 27, 2022Updated 3 years ago
- Enumerate and disable common sources of telemetry used by AV/EDR.☆819Mar 11, 2021Updated 4 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- NT AUTHORITY\SYSTEM☆43Jul 8, 2020Updated 5 years ago
- Windows Kernel Drivers fuzzer☆378Mar 15, 2017Updated 8 years ago
- Universal Unhooking☆326Sep 19, 2018Updated 7 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆436Aug 22, 2018Updated 7 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆111Feb 25, 2018Updated 7 years ago
- ☆12May 1, 2018Updated 7 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆13Jan 1, 2023Updated 3 years ago
- Corsair LL Access driver abuse☆24Apr 16, 2021Updated 4 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆25Oct 25, 2020Updated 5 years ago
- An command-line RPC method enumerator, born out of RPCView's awesomeness☆108Jul 31, 2019Updated 6 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- "Screwed Drivers" centralized information source for code references, links, etc.☆372Mar 19, 2020Updated 5 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆75Dec 10, 2021Updated 4 years ago
- ☆36Sep 5, 2017Updated 8 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆45Dec 22, 2021Updated 4 years ago