mtth-bfft / ntsec
Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right assignments, enumerate attack surfaces from the point of view of a sandboxed process, etc.
☆29, updated 5 years ago
Related projects
Alternatives and complementary repositories for ntsec
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls (☆39, updated 9 years ago)
- Kernel mode Windows NT API logger (☆21, updated 5 years ago)
- Analyze and attack Windows applications using DLL hijacking vulnerabilities (☆55, updated 5 years ago)
- Blog posts (☆30, updated 4 years ago)
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. (☆19, updated 6 years ago)
- Process reimaging proof of concept code (☆95, updated 5 years ago)
- Flare-On solutions (☆36, updated 5 years ago)
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis (☆44, updated 7 years ago)
- DLL Injection Library & Tools (☆70, updated 8 years ago)
- HackSys Extreme Vulnerable Driver - StackOverflow Exploit (☆30, updated 7 years ago)
- HackSys Extreme Vulnerable Driver - StackOverflow with Stack Cookie Bypass Exploit (☆18, updated 7 years ago)
- PoC for ELF64 runtime infection via GOT poisoning technique by elfmaster (☆29, updated 4 years ago)
- CAPE monitor DLLs (☆38, updated 4 years ago)
- A rootkit implemented as a Linux kernel module (☆16, updated 9 years ago)
- Gozi-MBR-rootkit Bootkit Modified (☆67, updated 8 years ago)
- The Minimalistic x86/x64 API Hooking Library for Windows (☆32, updated 6 years ago)
- Shim database persistence (Fin7 TTP) (☆35, updated 4 years ago)
- Bypass antivirus with dynamic import. Hide the API(s) used. (☆27, updated 8 years ago)