polakow / WindowsBypassSMEP
Example for PagedOut!
☆24Updated 4 years ago
Related projects: ⓘ
- A PoC tool for exploiting leaked process and thread handles☆30Updated 7 months ago
- ☆31Updated 4 years ago
- A kernel mode Windows rootkit in development.☆49Updated 2 years ago
- ☆40Updated this week
- ☆19Updated this week
- ☆15Updated this week
- Subtract one PE file from another!☆19Updated 2 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆41Updated 4 years ago
- Resources from my journey into Windows binary exploitation☆22Updated 5 years ago
- ☆26Updated 2 years ago
- ☆30Updated this week
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆20Updated 2 years ago
- ☆44Updated 4 years ago
- Remote PE reflective injection with a simple reflective loader☆28Updated 5 years ago
- ☆10Updated 2 years ago
- Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)☆18Updated 4 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 2 years ago
- ☆22Updated 4 years ago
- ☆15Updated 3 years ago
- ☆32Updated 2 years ago
- ☆15Updated this week
- ☆27Updated this week
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆38Updated 3 years ago
- Yet another Windows DLL injector.☆36Updated 2 years ago
- POC For CVE-2022-24483☆14Updated 2 years ago
- ☆19Updated this week
- ☆15Updated this week
- ☆21Updated this week
- Open-source EDR kernel-component for system monitoring and DLL injection☆30Updated 3 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year