Illustrates the concept of return address spoofing, and how it is used.
☆14May 13, 2020Updated 5 years ago
Alternatives and similar repositories for Return-address-spoofer
Users that are interested in Return-address-spoofer are comparing it to the libraries listed below
Sorting:
- A minimalistic way to spoof return addresses without using exceptions☆18Jul 26, 2022Updated 3 years ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- Fixes the "Device\Nal is already in use" error on kdmapper.☆19Jan 9, 2023Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- ☆43Oct 19, 2021Updated 4 years ago
- ☆37May 21, 2022Updated 3 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- A lightweight x86/x64 VM☆18Feb 7, 2021Updated 5 years ago
- Windows kernel drivers simple HTTP library for modern C++☆40Jul 12, 2018Updated 7 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 3 years ago
- ☆24May 17, 2022Updated 3 years ago
- base for testing☆187Sep 28, 2024Updated last year
- ☆118Aug 7, 2022Updated 3 years ago
- Old way for blocking NMI interrupts☆29Sep 6, 2022Updated 3 years ago
- Programmatically set hardware breakpoint with C++ on Windows☆38Feb 21, 2024Updated 2 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆157Nov 14, 2021Updated 4 years ago
- ☆59Jun 8, 2022Updated 3 years ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆89Mar 16, 2021Updated 4 years ago
- Using CVE-2021-40449 to manual map kernel mode driver☆104Mar 5, 2022Updated 4 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆98Aug 27, 2022Updated 3 years ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆119May 25, 2021Updated 4 years ago
- ☆146Jan 13, 2021Updated 5 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆21Aug 14, 2021Updated 4 years ago
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.�☆46May 22, 2022Updated 3 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 2 months ago
- ☆43Apr 18, 2023Updated 2 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- So you want to fix a raw .net file manually ? I got it!, Let's fix RVA and Sizes, Relocations, EP, IAT, Metadata Dir, Directory, BSJB, In…☆10Aug 8, 2022Updated 3 years ago
- ☆136Aug 6, 2022Updated 3 years ago
- ☆42Jul 1, 2022Updated 3 years ago
- undetected eac mapper☆171May 3, 2022Updated 3 years ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Dec 27, 2022Updated 3 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- String obfuscator based on the Mealy automata☆13Sep 16, 2017Updated 8 years ago
- ☆10Jul 18, 2022Updated 3 years ago
- ☆15Sep 24, 2012Updated 13 years ago