keowu / wintapix
Reversed WintaPix malware source code, which targets countries in the Middle East and abuses KeServiceDescriptorTable (SSDT), persistence and the filesystem.
☆22 · Jul 6, 2024 · Updated last year
Alternatives and similar repositories for wintapix
Users that are interested in wintapix are comparing it to the libraries listed below
- A simple C++ driver base with KD data block ☆11 · Jun 25, 2022 · Updated 3 years ago
- Demo to show how to write ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- Interprocess communication via a covert timing channel ☆26 · Oct 24, 2025 · Updated 3 months ago
- A simple process query/manipulation tool using driver hooked system call. (2019) ☆11 · Aug 30, 2021 · Updated 4 years ago
- NASM listing to shellcode converter ☆14 · May 6, 2018 · Updated 7 years ago
- Swap control lioctl with trampoline recording in the .text section ☆13 · Jul 1, 2021 · Updated 4 years ago
- really ? ☆12 · Feb 29, 2024 · Updated last year
- collection of code snippets, windbg, python scripts and resources ☆14 · Jul 11, 2022 · Updated 3 years ago
- Disk based DMA for ATA and SCSI ☆42 · Sep 22, 2023 · Updated 2 years ago
- Windows kernel ROP-only implant exposing R/W primitives ☆36 · Feb 1, 2026 · Updated last week
- Small driver that uses alternative syscalls feature (the project is still under development). ☆18 · May 9, 2024 · Updated last year
- Dell Driver EoP (CVE-2021-21551) ☆32 · Feb 24, 2022 · Updated 3 years ago
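- A product of going "from beginner to giving up": basic single-node C2 functionality implemented in Python during the learning process ☆11 · Mar 11, 2020 · Updated 5 years ago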
- ☆13 · Jan 12, 2022 · Updated 4 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI ☆79 · Dec 21, 2022 · Updated 3 years ago
- Deobfuscation and Analysis of Ring-1.io ☆42 · Feb 7, 2026 · Updated last week
- Reports and POCs for CVE 2024-43570 and CVE-2024-43535 ☆29 · Jun 7, 2025 · Updated 8 months ago
- ☆17 · Apr 21, 2022 · Updated 3 years ago
- Win32 API Experimental(or Extension) features ☆37 · Nov 18, 2022 · Updated 3 years ago
- Some simple code to learn about how to access the Windows network stack using polling and \Device\Afd ☆27 · Jun 20, 2024 · Updated last year
- A manual PE mapping implementation, aka reflective loader ☆21 · Sep 11, 2022 · Updated 3 years ago
- bypassing intel txt's tboot integrity checks via coreboot shim ☆82 · Mar 15, 2025 · Updated 11 months ago
- ☆15 · Feb 5, 2025 · Updated last year
- ☆24 · Jul 15, 2023 · Updated 2 years ago
- Off-chain secure communication protocol with Zero-knowledge proof (Ring Signature) and metadata protection. ☆24 · Sep 7, 2024 · Updated last year
- A PlayStation 5 ELF injector ☆28 · Dec 15, 2025 · Updated 2 months ago
- IFL - Interactive Functions List (plugin for Binary Ninja) ☆25 · Jul 9, 2024 · Updated last year
- ☆44 · Nov 7, 2024 · Updated last year
- x64 Windows implementation of virtual-address to physical-address translation ☆46 · Jun 3, 2021 · Updated 4 years ago
- Resources from Trend Micro Research teams ☆26 · Nov 14, 2024 · Updated last year
- the Open Source and Pure C++ Packer for eXecutables ☆21 · Mar 25, 2023 · Updated 2 years ago
- Bypassing kernel patch protection runtime ☆21 · Feb 19, 2023 · Updated 2 years ago
- HackSysExtremeVulnerableDriver exploits for latest Windows 10 version ☆26 · Jan 13, 2026 · Updated last month
- Example of using Windows Platform Binary Table (WPBT) ☆27 · Jul 9, 2023 · Updated 2 years ago
- Virtual Trust Level (VTL 1) secure call tracing ☆95 · Aug 29, 2025 · Updated 5 months ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits ☆31 · Jun 14, 2022 · Updated 3 years ago
- A C++ wrapper for icedx86 decoder ☆47 · Jul 28, 2025 · Updated 6 months ago
- ☆53 · Jan 17, 2026 · Updated 3 weeks ago
- ☆61 · Aug 21, 2023 · Updated 2 years ago