milabs / kopycat
Linux Kernel module-less implant (backdoor)
☆64Updated 3 years ago
Related projects: ⓘ
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆55Updated 5 months ago
- Matryoshka - stacked LKM loader☆50Updated 11 months ago
- NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection☆26Updated last year
- In line function hooking LKM rootkit☆51Updated 4 years ago
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆118Updated 2 years ago
- Tools to bypass flawed SELinux policies using the init_module system call☆38Updated 9 months ago
- An exploit for CVE-2019-17026. It pops xcalc and was tested on Ubuntu (x64).☆48Updated 4 years ago
- ☆12Updated 2 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆71Updated 3 years ago
- Code injection from Linux kernel to a process☆19Updated last year
- PoC for CVE-2021-3492 used at Pwn2Own 2021☆40Updated 3 years ago
- Proof of concept for injecting simple shellcode via ptrace into a running process.☆58Updated last year
- My conference presentations and Materials for them.☆32Updated 2 years ago
- Proxy system calls over an RPC channel☆96Updated 2 years ago
- A script to detect stack-strings by using emulation (leveraging Unicorn)☆33Updated 11 months ago
- Dynamic-Static binary instrumentation framework on top of GDB☆48Updated 11 months ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 4 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆94Updated 4 years ago
- Linux process injection PoCs☆25Updated 4 months ago
- ☆49Updated 4 years ago
- ☆43Updated 2 years ago
- ☆65Updated this week
- A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…☆114Updated 3 years ago
- Writeups, PoCs of the bugs I found while preparing for the Pwn2Own Miami 2023 contest targeting UaGateway from the OPC UA Server category…☆55Updated last year
- A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of m…☆144Updated 2 years ago
- ☆151Updated 3 years ago
- PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.☆57Updated 3 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆169Updated 2 years ago
- ☆69Updated 2 years ago
- ☆151Updated last year