odzhan / aes_dust

Related projects: ⓘ

• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆84Updated 8 years ago
• realoriginal / angryorchard
  A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
  ☆103Updated last year
• enkomio / BrokenFlow
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆113Updated last year
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆104Updated last year
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆74Updated 5 months ago
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆108Updated 3 years ago
• riskydissonance / SyscallsExample
  Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
  ☆72Updated 2 years ago
• milabs / kjector
  Code injection from Linux kernel to a process
  ☆19Updated last year
• Signal-Labs / IOCTLDump
  ☆128Updated last year
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆112Updated 3 years ago
• Cr4sh / pico_dma
  Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board
  ☆60Updated 11 months ago
• arcana-technologies / arcana.elfscan
  ELF binary forensics tool for APT, virus, backdoor and rootkit detection
  ☆42Updated 5 months ago
• hasherezade / masm_shc
  A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.
  ☆157Updated 2 months ago
• irql / CVE-2021-31728
  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
  ☆88Updated 3 years ago
• trustedsec / ELFLoader
  ☆243Updated 2 years ago
• 86hh / DreamLoader
  Simple 32/64-bit PEs loader.
  ☆135Updated 5 years ago
• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆72Updated 3 years ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆203Updated 4 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆114Updated last year
• jackullrich / memfuck
  A PoC designed to bypass all usermode hooks in a WoW64 environment.
  ☆147Updated 4 years ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆229Updated 2 years ago
• jussihi / SMM-Rootkit
  SMM rootkit similar to LoJax or MosaicRegressor
  ☆101Updated 10 months ago
• WithSecureLabs / ModuleStomping
  https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/
  ☆112Updated 5 years ago
• antifob / linux-prinj
  Linux process injection PoCs
  ☆25Updated 4 months ago
• dsnezhkov / elfpack
  ☆43Updated 2 years ago
• SecIdiot / ANGRYORCHARD
  ☆117Updated this week
• p0dalirius / pdbdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆113Updated 2 months ago
• therealdreg / cagrackme
  short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-)
  ☆23Updated last year
• ionescu007 / clfs-docs
  Unofficial Common Log File System (CLFS) Documentation
  ☆159Updated 2 years ago
• ioncodes / ceload
  Loading dbk64.sys and grabbing a handle to it
  ☆148Updated 2 years ago