stong/CVE-2020-15368 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

stong/CVE-2020-15368

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/stong/CVE-2020-15368)

Close

stong / CVE-2020-15368View on GitHubMore

• External links
• Readme badge

CVE-2020-15368, aka "How to exploit a vulnerable driver"

☆508Apr 14, 2022Updated 3 years ago

Alternatives and similar repositories for CVE-2020-15368

Users that are interested in CVE-2020-15368 are comparing it to the libraries listed below

• 0vercl0k / CVE-2021-32537

  View on GitHub
  PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.
  ☆57Jun 26, 2021Updated 4 years ago
• kkent030315 / PageTableInjection

  View on GitHub
  Code Injection, Inject malicious payload via pagetables pml4.
  ☆243Jul 7, 2021Updated 4 years ago
• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation

  View on GitHub
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆258Sep 1, 2022Updated 3 years ago
• mgeeky / ThreadStackSpoofer

  View on GitHub
  Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation fr…
  ☆1,196Jun 17, 2022Updated 3 years ago
• iPower / KasperskyHook

  View on GitHub
  Hook system calls on Windows by using Kaspersky's hypervisor
  ☆1,282Feb 14, 2026Updated 3 weeks ago
• hasherezade / transacted_hollowing

  View on GitHub
  Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
  ☆580Mar 8, 2024Updated 2 years ago
• kkent030315 / anycall

  View on GitHub
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆392Jul 6, 2022Updated 3 years ago
• namazso / physmem_drivers

  View on GitHub
  A collection of various vulnerable (mostly physical memory exposing) drivers.
  ☆450Jun 15, 2022Updated 3 years ago
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion

  View on GitHub
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆214Jul 2, 2020Updated 5 years ago
• D4stiny / spectre

  View on GitHub
  A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
  ☆722Aug 5, 2020Updated 5 years ago
• mgeeky / ShellcodeFluctuation

  View on GitHub
  An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting…
  ☆1,092Jun 17, 2022Updated 3 years ago
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆487May 18, 2021Updated 4 years ago
• passthehashbrowns / hiding-your-syscalls

  View on GitHub
  Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…
  ☆218Feb 20, 2023Updated 3 years ago
• 0vercl0k / wtf

  View on GitHub
  wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kerne…
  ☆1,732Jan 2, 2026Updated 2 months ago
• kkent030315 / NoPatchGuardCallback

  View on GitHub
  x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
  ☆207May 27, 2021Updated 4 years ago
• kkent030315 / MsIoExploit

  View on GitHub
  Exploit MsIo vulnerable driver
  ☆128Aug 12, 2021Updated 4 years ago
• klezVirus / SilentMoonwalk

  View on GitHub
  PoC Implementation of a fully dynamic call stack spoofer
  ☆921Jul 20, 2024Updated last year
• sam-b / windows_kernel_address_leaks

  View on GitHub
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆633Jul 7, 2017Updated 8 years ago
• gdabah / win32k-bugs

  View on GitHub
  Dump of win32k POCs for bugs I've found
  ☆380Mar 6, 2022Updated 4 years ago
• bats3c / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆1,176Oct 22, 2021Updated 4 years ago
• eclypsium / Screwed-Drivers

  View on GitHub
  "Screwed Drivers" centralized information source for code references, links, etc.
  ☆372Mar 19, 2020Updated 5 years ago
• hacksysteam / HackSysExtremeVulnerableDriver

  View on GitHub
  HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
  ☆2,959Feb 24, 2025Updated last year
• can1357 / ByePg

  View on GitHub
  Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
  ☆905Nov 21, 2019Updated 6 years ago
• LloydLabs / dearg-thread-ipc-stealth

  View on GitHub
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆116Feb 27, 2021Updated 5 years ago
• hfiref0x / KDU

  View on GitHub
  Kernel Driver Utility
  ☆2,428Feb 17, 2026Updated 2 weeks ago
• Deputation / hygieia

  View on GitHub
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆151Feb 12, 2022Updated 4 years ago
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,625Feb 8, 2026Updated last month
• 0xcpu / ExecutiveCallbackObjects

  View on GitHub
  Research on Windows Kernel Executive Callback Objects
  ☆316Feb 22, 2020Updated 6 years ago
• WithSecureLabs / CallStackSpoofer

  View on GitHub
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆558Apr 8, 2025Updated 11 months ago
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆657Jan 28, 2025Updated last year
• FULLSHADE / WindowsExploitationResources

  View on GitHub
  Resources for Windows exploit development
  ☆1,653Dec 20, 2021Updated 4 years ago
• yardenshafir / PoolViewer

  View on GitHub
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆150Mar 2, 2023Updated 3 years ago
• nccgroup / exploit_mitigations

  View on GitHub
  Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
  ☆923May 20, 2024Updated last year
• HyperSine / Windows10-CustomKernelSigners

  View on GitHub
  Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi…
  ☆784Jan 22, 2020Updated 6 years ago
• hfiref0x / WinObjEx64

  View on GitHub
  Windows Object Explorer 64-bit
  ☆1,888Mar 1, 2026Updated last week
• frkngksl / Huan

  View on GitHub
  Encrypted PE Loader Generator
  ☆544Aug 13, 2021Updated 4 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆269Aug 31, 2022Updated 3 years ago
• gerhart01 / Hyper-V-Internals

  View on GitHub
  Internals information about Hyper-V
  ☆732Updated this week
• quarkslab / rewind

  View on GitHub
  Snapshot-based coverage-guided windows kernel fuzzer
  ☆325Dec 16, 2021Updated 4 years ago