Windows kernel ROP-only implant exposing R/W primitives
☆39Feb 1, 2026Updated 3 weeks ago
Alternatives and similar repositories for roprw
Users that are interested in roprw are comparing it to the libraries listed below
Sorting:
- Interprocess communication via a covert timing channel☆26Oct 24, 2025Updated 4 months ago
- ☆16Feb 1, 2026Updated 3 weeks ago
- A simple C++ driver base with KD data block☆11Jun 25, 2022Updated 3 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…☆22Jul 6, 2024Updated last year
- Program synthesis tools and utilities for LLVM.☆20Jul 6, 2023Updated 2 years ago
- A minimalistic way to spoof return addresses without using exceptions☆17Jul 26, 2022Updated 3 years ago
- Deobfuscation and Analysis of Ring-1.io☆64Feb 7, 2026Updated 3 weeks ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆88Feb 1, 2026Updated 3 weeks ago
- Decoder for VMProtect hwids☆18Aug 1, 2022Updated 3 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated last month
- anti cheat drv open source☆19Apr 18, 2024Updated last year
- Fixes the "Device\Nal is already in use" error on kdmapper.☆19Jan 9, 2023Updated 3 years ago
- VEH Redirect & VEH Debugger☆23May 18, 2020Updated 5 years ago
- EFI bootkit for loading unsigned drivers☆37Jun 28, 2024Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- An advanced singular header-only C++20 obfuscation library with encryption and polymorphism.☆68Updated this week
- A C++ wrapper for icedx86 decoder☆49Jul 28, 2025Updated 7 months ago
- IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation☆27Dec 7, 2021Updated 4 years ago
- Modmap updated to work on Windows 11☆28Jul 30, 2021Updated 4 years ago
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-o…☆87Feb 14, 2026Updated 2 weeks ago
- A .data pointer hook with communication in windows 11☆43Nov 9, 2025Updated 3 months ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆32May 18, 2022Updated 3 years ago
- Simple, fast and lightweight Header-Only C++ Assembler Library☆140Aug 13, 2025Updated 6 months ago
- ☆31Oct 31, 2018Updated 7 years ago
- My take on the capcom driver vulnerability☆28Aug 7, 2017Updated 8 years ago
- VTIL2 is a ground-up reimagination of the VTIL Project, completely rewritten in modern C# with enterprise-grade architecture, performance…☆65Oct 29, 2025Updated 3 months ago
- Programmatically set hardware breakpoint with C++ on Windows☆38Feb 21, 2024Updated 2 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆88Oct 6, 2020Updated 5 years ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆110Jan 18, 2026Updated last month
- Compile time assembler with nasm syntax☆97Jul 11, 2022Updated 3 years ago
- Load Dll into Kernel space☆40Aug 23, 2022Updated 3 years ago
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆104Jan 26, 2026Updated last month
- Elevate arbitrary MSR writes to kernel execution.☆45Sep 3, 2023Updated 2 years ago
- ☆94Oct 25, 2025Updated 4 months ago
- Zyrox: LLVM based, compile-time obfuscator plugin.☆88Feb 18, 2026Updated last week
- PoC kernel to usermode injection☆105Feb 26, 2024Updated 2 years ago
- ☆37May 21, 2022Updated 3 years ago
- PoC for popping a system shell against the LnvMSRIO.sys driver☆118Oct 6, 2025Updated 4 months ago
- An AVX Lifter for the Hex-Rays Decompiler + new instructions☆11Oct 14, 2022Updated 3 years ago