kkent030315 / evil-mhyprot-cli
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
☆317Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for evil-mhyprot-cli
- A static library, wrapper for mhyprot vulnerable driver, execute exploits and tests☆126Updated 4 years ago
- A PoC for vulnerable driver "mhyprot" that allows us to read/write memory in kernel/user from usermode.☆161Updated 4 years ago
- A lib that allows using mhyprot2 driver for enum process modules, r/w process memory and kill process.☆344Updated 4 years ago
- Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vu…☆220Updated 3 years ago
- Debugger Anti-Detection Benchmark☆291Updated 11 months ago
- A x64 Windows Rootkit using SSDT or Hypervisor hook☆512Updated 3 weeks ago
- Handle elevation DKOM against ObRegisterCallbacks☆282Updated 6 years ago
- A collection of various vulnerable (mostly physical memory exposing) drivers.☆319Updated 2 years ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆327Updated 3 weeks ago
- Signtool for expired certificates☆455Updated last year
- Load your driver like win32k.sys☆246Updated 2 years ago
- Simple Kernelmode DLL Injector with Manual mapping☆238Updated 11 months ago
- Native code virtualizer for x64 binaries☆403Updated this week
- An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.☆239Updated 5 years ago
- DLL that hooks the NtQuerySystemInformation API and hides a process name☆283Updated last year
- Bypassing PatchGuard on modern x64 systems☆245Updated last year
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆268Updated last year
- Signature maker plugin for IDA 8.x and 9.x☆323Updated last month
- Efi Driver Access is a simply project to load a driver during system boot with the idea to give the user kernel access for read/write mem…☆369Updated last year
- Windows inline hooking tool.☆228Updated 6 years ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent☆506Updated 2 years ago
- Windows Kernel inject (no module no thread)☆265Updated 2 years ago
- A simple commandline injector using classic DLL injection☆137Updated 2 years ago
- Controlling Windows PP(L)s☆263Updated last year
- PoC EFI runtime driver for memory r/w & kdmapper fork☆503Updated 3 years ago
- UEFI bootkit for driver manual mapping☆525Updated 10 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆261Updated last month
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆245Updated last year
- Hide SMBIOS/disk/NIC serials from EFI bootkit☆280Updated 3 years ago
- protector & obfuscator & code virtualizer☆409Updated this week