kagurazakasanae / Mhyprot2DrvControl
A lib that allows using mhyprot2 driver for enum process modules, r/w process memory and kill process.
☆344Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for Mhyprot2DrvControl
- A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.☆317Updated 3 years ago
- A static library, wrapper for mhyprot vulnerable driver, execute exploits and tests☆126Updated 4 years ago
- Mhy Exp (exploit signed driver)☆137Updated 2 years ago
- 一些使用过期或者注销证书的技术☆191Updated 5 years ago
- Controlling Windows PP(L)s☆263Updated last year
- A user-mode emulator for the mhyprot2.sys driver☆115Updated 2 years ago
- Use ICMLuaUtil to Bypass UAC!☆492Updated 4 years ago
- CVE-2023-34312☆419Updated last year
- 自建时间戳服务器实现伪签名驱动证书 Implementing Pseudo Signature with Self-Sign Timestamp Servers☆196Updated this week
- Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vu…☆220Updated 3 years ago
- 内核级别隐藏指定窗口☆297Updated 2 years ago
- A simple commandline injector using classic DLL injection☆137Updated 2 years ago
- A PoC for vulnerable driver "mhyprot" that allows us to read/write memory in kernel/user from usermode.☆161Updated 4 years ago
- DSE bypass using a leaked cert and adjusting the current clock.☆137Updated 2 years ago
- shellcode 生成框架☆240Updated 2 years ago
- ☆453Updated 4 years ago
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆167Updated 2 years ago
- ☆297Updated 2 years ago
- 将shellcode注入dwm.exe以进行屏幕截取☆298Updated 2 years ago
- 隐藏可执行内存☆245Updated 9 months ago
- PE loader with various shellcode injection techniques☆382Updated 2 years ago
- Reverse engineering Genshin Impact anticheat to study how anticheats work on the Windows operating system.☆99Updated 2 years ago
- 火绒剑独立版☆331Updated 4 months ago
- A flexible PE loader, loading module in memory. Most of the functions can be inline, compatible for shellcode.☆173Updated last month
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆631Updated 8 months ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,087Updated last year
- Huorong Internet Security vulnerabilities 火绒安全软件漏洞☆111Updated 4 years ago