odzhan / aes_dust
Unlicensed tiny / small portable implementation of 128/256-bit AES encryption in C, x86, AMD64, ARM32 and ARM64 assembly
☆117Updated this week
Related projects: ⓘ
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆84Updated 8 years ago
- A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022☆103Updated last year
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆113Updated last year
- Abusing exceptions for code execution.☆104Updated last year
- An ELF / PE binary packer written in pure C, made for fun☆74Updated 5 months ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆108Updated 3 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆72Updated 2 years ago
- Code injection from Linux kernel to a process☆19Updated last year
- ☆128Updated last year
- Enumerate user mode shared memory mappings on Windows.☆112Updated 3 years ago
- Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board☆60Updated 11 months ago
- ELF binary forensics tool for APT, virus, backdoor and rootkit detection☆42Updated 5 months ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆157Updated 2 months ago
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆88Updated 3 years ago
- ☆243Updated 2 years ago
- Simple 32/64-bit PEs loader.☆135Updated 5 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆72Updated 3 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆203Updated 4 years ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆114Updated last year
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆147Updated 4 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆229Updated 2 years ago
- SMM rootkit similar to LoJax or MosaicRegressor☆101Updated 10 months ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆112Updated 5 years ago
- Linux process injection PoCs☆25Updated 4 months ago
- ☆43Updated 2 years ago
- ☆117Updated this week
- A Python script to download PDB files associated with a Portable Executable (PE)☆113Updated 2 months ago
- short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-)☆23Updated last year
- Unofficial Common Log File System (CLFS) Documentation☆159Updated 2 years ago
- Loading dbk64.sys and grabbing a handle to it☆148Updated 2 years ago