jthuraisamy / ioctlpusLinks
☆110Updated 4 years ago
Alternatives and similar repositories for ioctlpus
Users that are interested in ioctlpus are comparing it to the libraries listed below
Sorting:
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- ☆68Updated 3 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- Set of antianalysis techniques found in malware☆132Updated last year
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆91Updated 10 years ago
- Hyper-V Research is trendy now☆180Updated last year
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆35Updated 4 years ago
- Helper idapython code for reversing kmdf drivers☆72Updated 2 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆123Updated 6 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆139Updated 2 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆156Updated 5 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆219Updated 5 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆75Updated 10 months ago
- ☆235Updated 7 years ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 5 years ago
- Windows Drivers☆98Updated 6 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆143Updated 6 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- Proxy system calls over an RPC channel☆98Updated 3 years ago
- Simple library to spray the Windows Kernel Pool☆109Updated 5 years ago
- This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultim…☆105Updated 9 months ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- ☆161Updated 3 years ago
- Tools for instrumenting Windows Defender's mpengine.dll☆298Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Updated 5 years ago