milabs / kjector
Code injection from Linux kernel to a process
☆19Updated last year
Alternatives and similar repositories for kjector:
Users that are interested in kjector are comparing it to the libraries listed below
- call gates as stable comunication channel for NT x86 and Linux x86_64☆31Updated last year
- yet another hidden LKM hunter☆19Updated last year
- A few examples of how to trap virtual memory access on Windows.☆28Updated 3 months ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆26Updated 2 years ago
- Linux Kernel module-less implant (backdoor)☆72Updated 4 years ago
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆26Updated 3 years ago
- ☆32Updated last year
- Kernel Read Write Execute☆83Updated 6 months ago
- Matryoshka - stacked LKM loader☆50Updated last year
- Slides from various conference talks☆36Updated last year
- Rootkit spotter - experimental Linux rootkit finder LKM☆27Updated 4 years ago
- Native Powers Talk demos☆14Updated last year
- ☆40Updated 3 years ago
- Report and exploit of CVE-2023-36427☆91Updated last year
- Windows KASLR bypass using prefetch side-channel☆78Updated 11 months ago
- Binary Ninja plugin to deobfuscate strings obfuscated with the Garble project☆14Updated 3 weeks ago
- AMD SVM hypervisor rootkit proof of concept☆45Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆29Updated 11 months ago
- One Bootloader to Load Them All - Research materials, Code , Etc.☆51Updated 2 years ago
- Exploit POC for CVE-2024-36877☆46Updated 7 months ago
- Standalone Metasploit-like XOR encoder for shellcode☆47Updated 10 months ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆62Updated 3 years ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆34Updated last year
- ☆67Updated 2 years ago
- ☆11Updated 2 years ago
- ☆47Updated 2 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆38Updated 3 years ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆26Updated 7 months ago
- Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)☆20Updated 4 years ago