mandiant / flare-kscldr
FLARE Kernel Shellcode Loader
☆179May 3, 2019Updated 6 years ago
Alternatives and similar repositories for flare-kscldr
Users that are interested in flare-kscldr are comparing it to the libraries listed below
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- This project demonstrates an illegal read and write access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 7 years ago
- Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.☆32Apr 10, 2015Updated 10 years ago
- ☆34Jul 28, 2018Updated 7 years ago
- Small tool to load shellcodes or PEs to analyze them☆83May 16, 2018Updated 7 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Oct 26, 2025Updated 3 months ago
- This is a simple driver with x64 inline assembly☆57Jun 26, 2020Updated 5 years ago
- Control Flow Guard bypass using LoadLibrary and IsBadCodePtr☆46Jan 19, 2017Updated 9 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- ☆409Mar 1, 2017Updated 8 years ago
- PoCs for Antivirus Software's Kernel Vulnerabilities☆265Jul 6, 2017Updated 8 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 6 years ago
- Load a Windows Kernel Driver☆94Jun 7, 2017Updated 8 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆258Sep 1, 2022Updated 3 years ago
- A packet filtering and blocking program implemented with WinDivert☆13Jul 22, 2018Updated 7 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆34Oct 6, 2017Updated 8 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoofs the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- Simple 32/64-bit PEs loader.☆139Dec 19, 2018Updated 7 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- Encrypted Shellcode Loader Generator☆22Jan 29, 2019Updated 7 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 7 months ago
- Kernel rootkit, that lives inside the Windows registry values data☆505Oct 8, 2017Updated 8 years ago
- ☆12Feb 19, 2017Updated 8 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆214Aug 4, 2020Updated 5 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆215Jul 2, 2020Updated 5 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Jan 24, 2011Updated 15 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated last year
- cve-2019-0808-poc☆48Mar 25, 2019Updated 6 years ago
- crash poc & Leak info PoC☆18Mar 19, 2018Updated 7 years ago
- ☆22Jul 10, 2020Updated 5 years ago
- A memory scanning evasion technique☆897May 24, 2017Updated 8 years ago
- Elevation of privilege detector based on HyperPlatform☆124Mar 5, 2017Updated 8 years ago
- Code injection via delay load libraries☆36Sep 20, 2017Updated 8 years ago
- ☆16Sep 7, 2017Updated 8 years ago
- Globally adds some features to windows on Windows.☆21May 1, 2019Updated 6 years ago
- Final Transparent encrypted version☆14Jan 10, 2017Updated 9 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆438Aug 22, 2018Updated 7 years ago
- DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects☆148Jul 30, 2017Updated 8 years ago