trailofbits / HVCI-loldrivers-check

Related projects ⓘ

Alternatives and complementary repositories for HVCI-loldrivers-check

• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆46Updated last year
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆30Updated last year
• trailofbits / WinDbg-JS
  ☆24Updated last year
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆57Updated this week
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆18Updated last year
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆37Updated last year
• hugsy / recon_2024_windbg_workshop
  ☆71Updated 4 months ago
• jonaslyk / temp
  ☆65Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• RedTeamOperations / VEH-PoC
  ☆106Updated last year
• jsecurity101 / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆39Updated 7 months ago
• Dump-GUY / Get-PDInvokeImports
  Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…
  ☆51Updated 2 years ago
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆14Updated 4 months ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆66Updated 7 months ago
• DISREL / Ring0VBA
  CVE-2018-6066 using VBA
  ☆64Updated 2 years ago
• AaLl86 / WindowsInternals
  Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book
  ☆101Updated 4 months ago
• WithSecureLabs / TickTock
  ☆106Updated 2 years ago
• joe-desimone / rep-research
  ☆67Updated 3 months ago
• jdu2600 / Get-InjectedThreadEx
  Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2
  ☆27Updated last year
• whokilleddb / ETWListicle
  List the ETW provider(s) in the registration table of a process.
  ☆52Updated last year
• NUL0x4C / EtwSessionHijacking
  A Poc on blocking Procmon from monitoring network events
  ☆98Updated 2 years ago
• rbmm / TPM
  Easy encrypt/decrypt data with TPM
  ☆24Updated 8 months ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆49Updated 9 months ago
• JanielDary / weetabix
  A C++ PoC implementation for enumerating Windows Fibers directly from memory
  ☆17Updated 6 months ago
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆22Updated last year
• boku7 / x64win-DynamicNoNull-WinExec-PopCalc-Shellcode
  64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free
  ☆58Updated last year
• passthehashbrowns / VectoredExceptionHandling
  ☆81Updated 3 months ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆27Updated last year
• dxxzero / rusty_drivers
  BYOVD collection
  ☆20Updated 8 months ago
• qtc-de / rpv-web
  rpv-web is a browser based frontend for the rpv library
  ☆25Updated 3 months ago