Reverse Engineering Page Table Caches in Your Processor
☆373May 5, 2021Updated 4 years ago
Alternatives and similar repositories for revanc
Users that are interested in revanc are comparing it to the libraries listed below
Sorting:
- ☆386Oct 28, 2019Updated 6 years ago
- This framework is for fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode.☆229Oct 18, 2017Updated 8 years ago
- AFL/QEMU fuzzing with full-system emulation.☆640Sep 9, 2018Updated 7 years ago
- The DrK Attack - Proof of concept☆347Mar 13, 2022Updated 3 years ago
- PoC for breaking hypervisor ASLR using branch target buffer collisions☆168Sep 24, 2016Updated 9 years ago
- Triton based R2 plugin for concolic execution and total control☆33Nov 26, 2018Updated 7 years ago
- Kernel Address Isolation to have Side-channels Efficiently Removed☆223Dec 24, 2021Updated 4 years ago
- full exploit of pwnfest2016, slide and full text of syscan2017☆165Jun 14, 2017Updated 8 years ago
- A list of my CVE's with POCs☆682Dec 15, 2020Updated 5 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆345May 5, 2019Updated 6 years ago
- ☆236May 31, 2018Updated 7 years ago
- ☆32Nov 15, 2017Updated 8 years ago
- A linux system call fuzzer using TriforceAFL☆177Feb 28, 2024Updated 2 years ago
- A demo project for AFL with QEMU Augmented Instrumentation (qai)☆44Nov 22, 2016Updated 9 years ago
- Cross Platform Kernel Fuzzer Framework☆457Oct 11, 2018Updated 7 years ago
- aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches.☆172Jan 27, 2015Updated 11 years ago
- Kernel debugger using Timeless Debugging method.☆74Feb 16, 2017Updated 9 years ago
- An amd64 symbolic emulator☆314Aug 28, 2021Updated 4 years ago
- Old mitigation-bounty code that was applicable to edge before it use webkit/chrome☆87Dec 19, 2016Updated 9 years ago
- specific fuzzers based on AFL and fuzzing results☆41Oct 22, 2016Updated 9 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Jul 22, 2016Updated 9 years ago
- Tool for testing and finding minimal eviction sets☆108May 6, 2021Updated 4 years ago
- ☆153Oct 18, 2018Updated 7 years ago
- ☆64Oct 24, 2015Updated 10 years ago
- Full exploit of CVE-2016-6754(BadKernel) and slide of SyScan360 2016☆152Nov 28, 2016Updated 9 years ago
- Public Android Vulnerability Information (CVE PoCs etc)☆87Apr 3, 2017Updated 8 years ago
- Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits☆415Jan 2, 2020Updated 6 years ago
- Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels☆591Jan 10, 2019Updated 7 years ago
- Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)☆140Jan 4, 2017Updated 9 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆172Dec 7, 2016Updated 9 years ago
- TypeSan checks casts in C++ code - code released for CCS 2016☆36May 5, 2021Updated 4 years ago
- ☆30May 23, 2017Updated 8 years ago
- ☆114Oct 3, 2017Updated 8 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆141Apr 4, 2017Updated 8 years ago
- Uncovering Class Hierarchies in C++ Programs☆127Sep 16, 2022Updated 3 years ago
- BrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.☆82Sep 10, 2016Updated 9 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆138Nov 28, 2015Updated 10 years ago
- ☆14Jun 30, 2015Updated 10 years ago
- A low-overhead dynamic binary instrumentation and modification tool for ARM (both AArch32 and AArch64 support) and RISC-V (RV64GC).☆391Jan 21, 2025Updated last year