mar-ket-vector / VXppLinks
VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like Intel CET and Control-Flow Guard (CFG) to achieve Remote Code Execution.
☆16Updated 3 months ago
Alternatives and similar repositories for VXpp
Users that are interested in VXpp are comparing it to the libraries listed below
Sorting:
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆93Updated last year
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆173Updated last week
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆138Updated 2 years ago
- This repo contains EXPs about Vulnerable Windows Driver☆46Updated last year
- Windows KASLR bypass using prefetch side-channel☆102Updated last year
- Finding Truth in the Shadows☆107Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆251Updated last year
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆226Updated 7 months ago
- Reverse engineering winapi function loadlibrary.☆202Updated 2 years ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆229Updated 8 months ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆105Updated 2 years ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆125Updated last week
- A set of LLVM and GCC based plugins that perform code obfuscation.☆125Updated last week
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆118Updated 2 years ago
- An x86-64 code virtualizer for VM based obfuscation☆123Updated 6 months ago
- Injecting DLL into LSASS at boot☆123Updated last month
- Process Injection using Thread Name☆273Updated 2 months ago
- LPE exploit for CVE-2023-36802☆22Updated last year
- Windows rootkit designed to work with BYOVD exploits☆200Updated 5 months ago
- ☆90Updated last year
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆290Updated last year
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆193Updated 2 months ago
- "Service-less" driver loading☆155Updated 7 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆145Updated 10 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆65Updated 2 months ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆228Updated 2 years ago
- ☆175Updated 10 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆115Updated 6 months ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆221Updated last month
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆79Updated 2 years ago