not-matthias / kernel-log-rs

Related projects: ⓘ

• oberrich / phnt-rs
  Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers
  ☆35Updated this week
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆33Updated 9 months ago
• NotRequiem / antidbg
  C/C++ antidebugging library for 32 and 64 bit processors
  ☆10Updated 2 months ago
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆46Updated last year
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated last year
• 0vercl0k / kdmp-parser-rs
  A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
  ☆33Updated last month
• alfarom256 / drivers_and_shit
  ☆56Updated 2 years ago
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆27Updated last year
• ch3rn0byl / Gremlins
  ☆13Updated 11 months ago
• Signal-Labs / Hotpatching_PoC
  ☆17Updated last year
• tandasat / CVE-2022-25949
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆35Updated 2 years ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆29Updated 8 months ago
• r3bb1t / bin_lift
  Rust library for lifting raw binary data to LLVM IR
  ☆37Updated last month
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆44Updated 3 months ago
• Nordgaren / stealth-win
  ☆39Updated last year
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆59Updated last year
• Midi12 / whse
  WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API
  ☆19Updated 2 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• DenuvoSoftwareSolutions / DVRT
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆18Updated 3 weeks ago
• OALabs / ZVM
  Disassembler for Zeus VM custom instruction set
  ☆20Updated 7 months ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆24Updated last year
• malware-unicorn / pteroioctl-hook
  A driver to implement IOCTL hooking
  ☆23Updated 2 years ago
• kkent030315 / razy_importer
  Rust implementation of lazy_importer
  ☆42Updated last year
• Azvanzed / CVE-2024-44083
  Makes IDA (most versions) to crash upon opening it.
  ☆52Updated 2 weeks ago
• backengineering / vmhook
  A demonstration of hooking into the VMProtect-2 virtual machine
  ☆16Updated 10 months ago
• eset / wslink-vm-analyzer
  WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware
  ☆45Updated 2 years ago
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆52Updated 2 years ago
• expend20 / x64dbg_ext
  Extensions for x64dbg written in Rust: Telescope and Unicorn powered disassembly
  ☆23Updated last year
• tandasat / recon2024_demo
  Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …
  ☆13Updated 3 months ago
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆57Updated last year