Alternatives and similar repositories for CVE-2025-24990_POC

Users that are interested in CVE-2025-24990_POC are comparing it to the libraries listed below

• wesmar / KernelResearchKit
  Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…
  ☆56Updated last week
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆119Updated 2 years ago
• chainloaded / Kernel-HTTP-Client
  Minimalistic HTTP(S) client for the NT kernel
  ☆59Updated 2 weeks ago
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated 2 years ago
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆57Updated 11 months ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆80Updated 4 years ago
• alfarom256 / MCP-PoC
  Minifilter Callback Patching Proof-of-Concept
  ☆73Updated 3 years ago
• scrt / KexecDDPlus
  Exploiting the KsecDD Windows driver through Server Silos
  ☆75Updated last year
• Tserith / Parasite
  Compact MBR Bootkit for Windows
  ☆54Updated 3 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆90Updated 2 months ago
• MahmoudZohdy / IAT-Obfuscation
  IAT-Obfuscation to make static analysis of executable harder.
  ☆44Updated 4 years ago
• Crypt0s / Ekko_CFG_Bypass
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆112Updated 3 years ago
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆78Updated 2 years ago
• mdsecactivebreach / functionpeekaboo
  ☆57Updated last month
• cainiao1992 / ollvm-mingw
  An Obfuscator-LLVM based mingw-w64 toolchain.
  ☆43Updated 4 years ago
• ldpreload / werkernel
  Windows LPE Nday
  ☆32Updated last year
• ReCryptLLC / CVE-2022-42045
  ☆40Updated 2 years ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆72Updated 8 months ago
• rad9800 / VehApiResolve
  ☆114Updated 3 years ago
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆111Updated 3 years ago
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆78Updated 5 months ago
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆64Updated 3 years ago
• Skeletal-Group / Hermes
  Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.
  ☆63Updated last month
• bitdefender / hypervinject-poc
  ☆52Updated 4 months ago
• Xacone / Eneio64-Driver-Exploits
  A serie of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W
  ☆106Updated last month
• rbmm / RtlClone
  ☆42Updated 9 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver
  An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆74Updated 8 months ago
• UmaRex01 / HookSentry
  Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.
  ☆36Updated 7 months ago
• lem0nSec / Dsebler
  Reimplementation of the KExecDD DSE bypass technique.
  ☆55Updated last year
• hid3rx / GhostWriting
  ☆32Updated 2 years ago