sogeti-esec-lab / REBoot
Bootkits Revisited
☆41Updated 10 years ago
Related projects ⓘ
Alternatives and complementary repositories for REBoot
- Anti-AV compilation☆42Updated 11 years ago
- Old exploits and code for my self-referencing PML4 technique (2014)☆30Updated 9 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 8 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- ☆28Updated 7 years ago
- ☆46Updated 7 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆33Updated 8 years ago
- Automatically exported from code.google.com/p/ioctlbf☆16Updated 9 years ago
- ☆73Updated 6 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆26Updated 7 years ago
- A C polymorphic and metamorphic engine☆66Updated 5 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆37Updated 11 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆75Updated 9 years ago
- Malware monitor template based on MinHook☆16Updated 9 years ago
- Helper utility for debugging windows PE/PE+ loader.☆50Updated 9 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆80Updated 13 years ago
- deprecated☆26Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2.☆53Updated 7 years ago
- The Grum Spam Bot☆20Updated 9 years ago
- Decrement Windows Kernel for fun and profit☆38Updated 6 years ago
- Windows SMEP Bypass U=S☆37Updated 8 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Ring3 Rootkit Backdoor.☆41Updated 9 years ago
- ☆33Updated 9 years ago
- 微软7月布丁增加内存延迟释放机制☆11Updated 10 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub☆76Updated 12 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Logs instruction hits to a file which can be fed into IDA Pro to highlight which instructions were called.☆41Updated 11 years ago