Alternatives and similar repositories for SMM-Rootkit:

Users that are interested in SMM-Rootkit are comparing it to the libraries listed below

• pRain1337 / Hermes
  SMM UEFI module and client for UMD privilege escalation
  ☆33Updated last year
• tandasat / SmmExploit
  The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303…
  ☆136Updated 3 years ago
• Cr4sh / SmmBackdoorNg
  Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
  ☆304Updated last year
• Cr4sh / pico_dma
  Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
  ☆73Updated last year
• tandasat / HelloIommuPkg
  The sample DXE runtime driver demonstrating how to program DMA remapping.
  ☆58Updated last year
• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆141Updated 2 years ago
• Tserith / Parasite
  Compact MBR Bootkit for Windows
  ☆45Updated 3 years ago
• loneicewolf / KernelMode-Code
  2022 Updated Kernelmode-Code
  ☆30Updated 11 months ago
• tandasat / UefiVarMonitor
  The runtime DXE driver monitoring access to the UEFI variables by hooking the runtime service table.
  ☆138Updated 4 years ago
• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆81Updated 4 years ago
• IgorKorkin / MemoryRanger
  MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…
  ☆222Updated 4 years ago
• Sentinel-One / brick
  ☆92Updated 8 months ago
• ajkhoury / UEFI-Bootkit
  A small bootkit which does not rely on x64 assembly.
  ☆473Updated 5 years ago
• irql / CVE-2021-31728
  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
  ☆91Updated 3 years ago
• loneicewolf / LOJAX
  LOJAX ROOTKIT (UEFI) +PDF Included[x]
  ☆29Updated 2 years ago
• waleedassar / RestrictedKernelLeaks
  ☆158Updated 3 years ago
• river-li / awesome-uefi-security
  👓A collection of papers/tools/exploits for UEFI security.
  ☆155Updated last month
• repnz / autochk-rootkit
  Reverse engineered source code of the autochk rootkit
  ☆201Updated 5 years ago
• amitschendel / venom-rootkit
  A simple Windows kernel rootkit.
  ☆90Updated last year
• amiryeshurun / HyperWin
  A native hypervisor designed for the Windows operating system
  ☆122Updated 4 years ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆109Updated 2 years ago
• NtRaiseHardError / NINA
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆195Updated 4 years ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆209Updated 5 years ago
• HackingThings / SignedUEFIShell
  Information about a signed UEFI Shell that can be used when Secure Boot is enabled.
  ☆79Updated 3 years ago
• tandasat / Hello-VT-rp
  A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
  ☆101Updated 11 months ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆220Updated last year
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆55Updated 3 years ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆206Updated 2 years ago
• xsh3llsh0ck / ResilienceKit
  Another UEFI runtime bootkit
  ☆29Updated last year
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆56Updated 10 months ago