mtth-bfft / ntsec
Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right assignments, enumerate attack surfaces from the point of view of a sandboxed process, etc.
☆29 Updated 5 years ago
Related projects:
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls ☆39 Updated 8 years ago
- Kernel mode windows NT API logger ☆21 Updated 5 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis ☆43 Updated 7 years ago
- Flare-On solutions ☆36 Updated 4 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. ☆19 Updated 6 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation ☆36 Updated 7 years ago
- CAPE monitor DLLs ☆38 Updated 4 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them ☆32 Updated 3 years ago
- public bugs/proof of concepts ☆47 Updated 3 years ago
- Blog posts ☆30 Updated 4 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities ☆54 Updated 4 years ago
- DLL Injection Library & Tools ☆71 Updated 8 years ago
- Decrement Windows Kernel for fun and profit ☆38 Updated 6 years ago
- Tool to display a Windows 8+ process mitigation policy ☆12 Updated 9 years ago
- The Minimalistic x86/x64 API Hooking Library for Windows ☆32 Updated 6 years ago