Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications
☆22 | Mar 28, 2025 | Updated 11 months ago
Alternatives and similar repositories for measured_boot_poc
Users that are interested in measured_boot_poc are comparing it to the libraries listed below
- WinDbg plugin to trace module transitions from a debugged driver. (☆40, Dec 22, 2025, updated 2 months ago)
- A Rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library (☆24, Nov 13, 2025, updated 3 months ago)
- A small experiment on assigning a process's threads to a specific CPU and then blocking it with a high-priority thread (☆30, Sep 24, 2025, updated 5 months ago)
- (☆53, Mar 26, 2025, updated 11 months ago)
- (☆14, Jan 7, 2023, updated 3 years ago)
- Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic" (☆22, Oct 12, 2025, updated 4 months ago)
- An example of an external LLVM plugin module transform pass for the latest versions. (☆14, Oct 21, 2025, updated 4 months ago)
- Demonstrates calling a kernel function and handling the process-creation callback under HVCI (☆84, Dec 21, 2022, updated 3 years ago)
- (☆17, May 7, 2025, updated 9 months ago)
- Simple and lightweight hypervisor for AMD processors (☆44, Oct 25, 2025, updated 4 months ago)
- Slides for the COM Hijacking AV/EDR talk at 38c3 (☆75, Jan 3, 2025, updated last year)
- DLL injection through code page ID modification in the registry. Based on jonas lykk's research (☆17, Jun 18, 2022, updated 3 years ago)
- Vectored Exception Handling Squared (☆29, Dec 27, 2025, updated 2 months ago)
- A runtime for developing large-scale and complex shellcode. (☆22, Feb 15, 2026, updated 2 weeks ago)
- Proof-of-concept game using VBS enclaves to protect itself from cheating (☆49, Nov 10, 2024, updated last year)
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in … (☆54, Dec 30, 2025, updated 2 months ago)
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC. (☆29, Jun 9, 2025, updated 8 months ago)
- (☆26, Nov 8, 2024, updated last year)
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr… (☆64, Jan 19, 2026, updated last month)
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does (☆95, Jul 3, 2025, updated 7 months ago)
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR host (☆53, Jan 29, 2015, updated 11 years ago)
- Open-source multi-purpose remote access tool for Microsoft Windows (☆195, updated this week)
- Internal Monologue BOF (☆79, Dec 28, 2024, updated last year)
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp… (☆14, May 25, 2025, updated 9 months ago)
- UEFI bootkit framework that attacks boot-time Code Integrity (☆117, Dec 15, 2025, updated 2 months ago)
- Virtual Trust Level (VTL 1) secure call tracing (☆102, Feb 12, 2026, updated 2 weeks ago)
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory. (☆28, Jun 14, 2024, updated last year)
- DoublePulsar (position-independent) shellcode (Windows 7 SP1 x64) (☆28, Mar 11, 2020, updated 5 years ago)
- Utility to inject honey tokens into LSASS. (☆28, Feb 7, 2017, updated 9 years ago)
- (☆21, Feb 22, 2025, updated last year)
- Windows NTLM hash dump utility written in C that supports Windows and Linux. Hashes can be dumped in real time or from already s… (☆66, Dec 29, 2023, updated 2 years ago)
- User-mode implementation of HTTP.SYS. Implements HTTP 1.1 of the "HTTP Server API 2.0" for web servers (☆44, Feb 17, 2025, updated last year)
- Proofs of concept demonstrating some aspects of the Windows kernel shadow stack mitigation. (☆54, Jun 2, 2025, updated 9 months ago)
- Prevent in-process process termination by patching exit APIs (☆63, Nov 9, 2025, updated 3 months ago)
- Hooking the KPRCB IdlePreselect function to gain execution inside PID 0. (☆73, Apr 13, 2025, updated 10 months ago)
- Early cascade injection PoC based on Outflank's blog post, in Rust (☆62, Nov 8, 2024, updated last year)
- Mentally ill EtwTi parser (☆68, Jan 11, 2026, updated last month)
- A small C utility that encodes bytes into whitespace characters. (☆25, Sep 28, 2021, updated 4 years ago)
- A basic implementation of PatchGuard that I wrote, including integrity checks and other protection mechanisms I added. (☆78, Mar 29, 2025, updated 11 months ago)