pRain1337 / HermesLinks
SMM UEFI module and client for UMD privilege escalation
☆47Updated 3 weeks ago
Alternatives and similar repositories for Hermes
Users that are interested in Hermes are comparing it to the libraries listed below
Sorting:
- Another UEFI runtime bootkit☆29Updated 2 years ago
- Tool to dump EFI runtime drivers.☆36Updated last year
- ☆36Updated 3 years ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆85Updated 3 weeks ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆70Updated 3 months ago
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆57Updated last week
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆88Updated 8 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆122Updated 2 years ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆55Updated 8 months ago
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆41Updated last year
- uefi diskless persistence technique + OVMF secureboot bypass☆81Updated last year
- Compact MBR Bootkit for Windows☆52Updated 3 years ago
- UEFI bootkit: Hardware Implant. In-Progress☆15Updated 3 years ago
- Report and exploit of CVE-2023-36427☆90Updated last year
- Windows KASLR bypass using prefetch side-channel☆102Updated last year
- Simple, fast and lightweight x86-64 Assembler Library for C++ / Header-Only☆57Updated last week
- Report and exploit of CVE-2024-21305.☆36Updated last year
- Hyper-V related resources☆31Updated last year
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆57Updated 3 years ago
- Binary rewriter for 64-bit PE files.☆76Updated last year
- EFI bootkit for loading unsigned drivers☆18Updated 11 months ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆55Updated 2 years ago
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆153Updated 3 months ago
- Windows PDB parser for kernel-mode environment.☆97Updated 2 weeks ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆66Updated last year
- DSE & PG bypass via BYOVD attack☆51Updated last year
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆36Updated 9 months ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆173Updated 11 months ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated 10 months ago