koutto / ioctlbf
Windows Kernel Drivers fuzzer
☆341Updated 8 years ago
Alternatives and similar repositories for ioctlbf:
Users that are interested in ioctlbf are comparing it to the libraries listed below
- Examples of leaking Kernel Mode information from User Mode on Windows☆597Updated 7 years ago
- Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.☆318Updated last year
- Research on Windows Kernel Executive Callback Objects☆286Updated 5 years ago
- Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits☆394Updated 5 years ago
- Tools for instrumenting Windows Defender's mpengine.dll☆295Updated 6 years ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.☆361Updated 5 years ago
- Windows NT x64 syscall fuzzer☆602Updated last year
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆433Updated 6 years ago
- ☆395Updated 8 years ago
- windows syscall table from xp ~ 10 rs4☆353Updated 6 years ago
- Dump of win32k POCs for bugs I've found☆373Updated 3 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆206Updated 4 years ago
- A bunch of JavaScript extensions for WinDbg.☆335Updated 4 months ago
- Extract Windows Defender database from vdm files and unpack it☆440Updated 5 years ago
- Have fun with the LowFragmentationHeap☆238Updated 4 years ago
- awesome-windows-security-development☆169Updated 7 years ago
- Quickly debug shellcode extracted during malware analysis☆602Updated last year
- ☆234Updated 7 years ago
- Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py☆327Updated 2 years ago
- Automatically exported from code.google.com/p/ioctlfuzzer☆162Updated 9 years ago
- Toy scripts for playing with WinDbg JS API☆227Updated 9 months ago
- A collection of LLVM transform and analysis passes to write shellcode in regular C☆372Updated last year
- Idapython script to carve binary for internal RPC structures☆232Updated last year
- Windows RPC Python fuzzer☆160Updated 7 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆209Updated 5 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆193Updated 5 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 4 years ago
- A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.☆404Updated 2 weeks ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆516Updated 5 years ago
- A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)☆412Updated 11 months ago