rbmm / TPM

Related projects ⓘ

Alternatives and complementary repositories for TPM

• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆43Updated 5 months ago
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆45Updated 5 months ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆30Updated last year
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆51Updated 9 months ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• ch3rn0byl / Gremlins
  ☆13Updated last year
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆48Updated last year
• rbmm / remap
  break link between dll and it file on disk
  ☆11Updated 2 months ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆88Updated 5 months ago
• zodiacon / NativePowers
  Native Powers Talk demos
  ☆14Updated last year
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆28Updated 2 years ago
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆33Updated 11 months ago
• rad9800 / VehApiResolve
  ☆98Updated 2 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• maziland / StackBombing
  Next gen process injection technique
  ☆42Updated 4 years ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆92Updated last year
• rbmm / RtlClone
  ☆27Updated 4 months ago
• Signal-Labs / Hotpatching_PoC
  ☆17Updated last year
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆59Updated last year
• jsecurity101 / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆38Updated 6 months ago
• Azvanzed / vmw-logger-rs
  A VMWare logger using built-in backdoor.
  ☆25Updated 3 weeks ago
• Nordgaren / stealth-win
  ☆41Updated last year
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆51Updated last year
• zodiacon / MalDevWorkshopWebinar
  Demo from the Malware Analysis and Development Webinar
  ☆19Updated 6 months ago
• Coldzer0 / TinyPDBParser
  Windows PDB Parser using Imagehlp library.
  ☆16Updated 2 years ago
• jsacco / PPL_Bypass
  ☆12Updated 2 years ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆45Updated last year
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆28Updated 2 years ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆35Updated 3 months ago