vxcall / kurLinks
a tiny code that performs kernel-mode read/write using CVE-2023-38817.
☆15Updated 5 months ago
Alternatives and similar repositories for kur
Users that are interested in kur are comparing it to the libraries listed below
Sorting:
- using wnbios64.sys for arbitrary r/w☆15Updated last year
- X86 Packer with Portable Executable compatibility.☆56Updated last week
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Updated 2 years ago
- Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement☆13Updated last year
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated 2 years ago
- Detect BypassUAC using AMSI☆26Updated 6 months ago
- Compileable POC of namazso's x64 return address spoofer.☆51Updated 5 years ago
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- Windows API Call Obfuscation☆109Updated 2 years ago
- Dynamically generated obfuscated jumps and/or function calls☆36Updated 2 years ago
- Exploit for eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆62Updated 2 months ago
- silence file system monitoring components by hooking their minifilters☆59Updated last year
- spoof return address☆75Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆90Updated 2 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Updated 3 years ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆66Updated last year
- Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.☆26Updated 4 years ago
- Compile-Time Calls Obfuscator for C++14+☆47Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆68Updated 2 years ago
- kernel to user mode APC injector☆45Updated 3 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Updated last year
- Inline syscalls made for MSVC supporting x64 and WOW64☆184Updated 2 years ago
- ☆21Updated 2 years ago
- NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version☆31Updated last year
- Finding Truth in the Shadows☆116Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- Spoof the return address of any function call.☆11Updated last year
- ☆33Updated 2 years ago
- Small handy tool for crafting shellcodes by hand.☆18Updated 3 years ago
- Exploiting the KsecDD Windows driver through Server Silos☆73Updated 9 months ago