p0dalirius / volatility3-symbolsLinks
Memory mapping profiles for forensic analysis using volatility 3
☆27Updated 3 years ago
Alternatives and similar repositories for volatility3-symbols
Users that are interested in volatility3-symbols are comparing it to the libraries listed below
Sorting:
- Memory mapping profiles for forensic analysis using volatility 2☆48Updated 2 years ago
- ☆92Updated 2 years ago
- This repository contains a list of python scripts to work with Microsoft RPC for research purposes.☆48Updated 4 months ago
- Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers☆122Updated 9 months ago
- Local & remote Windows DLL Proxying☆164Updated last year
- ☆59Updated last year
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆105Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆127Updated 2 years ago
- ☆184Updated 2 years ago
- PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy☆35Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆82Updated last year
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆125Updated last week
- ☆105Updated 11 months ago
- Finding secrets in kernel and user memory☆116Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 3 months ago
- ☆72Updated last year
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆127Updated last year
- ☆78Updated last year
- To audit the security of read-only domain controllers☆117Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆100Updated last year
- ☆36Updated 6 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆97Updated 2 years ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- A PoC for achieving persistence via push notifications on Windows☆46Updated 2 years ago
- Create Anti-Copy DRM Malware☆58Updated 10 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆117Updated 2 months ago
- ☆144Updated last week
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆51Updated last year
- ☆155Updated 6 months ago