jthuraisamy / ioctlpus
☆108Updated 4 years ago
Alternatives and similar repositories for ioctlpus:
Users that are interested in ioctlpus are comparing it to the libraries listed below
- Driver Initial Reconnaissance Tool☆122Updated 5 years ago
- ☆67Updated 2 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- Hyper-V Research is trendy now☆178Updated 10 months ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- Windows Drivers☆97Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆95Updated 3 years ago
- Helper idapython code for reversing kmdf drivers☆72Updated 2 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆136Updated 2 years ago
- Simple 32/64-bit PEs loader.☆137Updated 6 years ago
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆94Updated 3 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆34Updated 3 years ago
- Simple library to spray the Windows Kernel Pool☆107Updated 5 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆76Updated 8 months ago
- ☆158Updated 3 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆209Updated 5 years ago
- Set of antianalysis techniques found in malware☆129Updated last year
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆200Updated 4 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆116Updated 6 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆121Updated 6 years ago
- Toy scripts for playing with WinDbg JS API☆225Updated 8 months ago
- Recon 2015 Presentation from Alex Ionescu☆232Updated 9 years ago
- ☆20Updated 5 years ago
- Windows Kernel Programming☆124Updated 4 years ago
- Process Hollowing for 32 bit and 64 bit☆80Updated 7 years ago
- A simple API monitor for Windbg☆63Updated 7 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆139Updated 6 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- ☆68Updated last year