a tiny code that performs kernel-mode read/write using CVE-2023-38817.
☆18Mar 28, 2025Updated 11 months ago
Alternatives and similar repositories for kur
Users that are interested in kur are comparing it to the libraries listed below
Sorting:
- Binary Ninja plugin to perform automated analysis of Windows drivers☆20Aug 8, 2019Updated 6 years ago
- C# asynchronous KCP protocol implementation. (ported from https://github.com/skywind3000/kcp)☆29Mar 16, 2022Updated 4 years ago
- Execute anything in a legit memory region by attacking a windows driver☆20Aug 20, 2023Updated 2 years ago
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 14 years ago
- Bring your own Unwind Data Framework☆77Mar 15, 2026Updated last week
- ☆31Oct 23, 2023Updated 2 years ago
- ☆13Dec 10, 2020Updated 5 years ago
- ☆35Nov 16, 2023Updated 2 years ago
- A method to hook driver control dispatches without triggering anti cheat detection from BE and EAC☆50Apr 7, 2021Updated 4 years ago
- Dump LSASS by spoofing command line arguments to procdump.☆20Oct 21, 2024Updated last year
- My Personal Kernel-Mode Process dumper☆14Feb 18, 2024Updated 2 years ago
- Communicate from ring-0 to ring-3 using NamedPipes.☆10Feb 22, 2023Updated 3 years ago
- ProcExp Driver (Ab)use☆22Dec 28, 2022Updated 3 years ago
- ☆11Nov 30, 2020Updated 5 years ago
- Develop macOS apps on Windows with seamless cross-platform tools.☆16Jun 5, 2025Updated 9 months ago
- ☆26Apr 24, 2025Updated 10 months ago
- Released alongside with a talk at REcon 2023, TheRestarter is an interactive command-line tool is designed to interact with the Windows …☆15Jun 8, 2023Updated 2 years ago
- ☆10Aug 26, 2021Updated 4 years ago
- simple driver to read and write☆20Apr 13, 2025Updated 11 months ago
- A little tool to play with Windows security☆12Jan 21, 2026Updated 2 months ago
- Simple dll injector that uses thread hijacking to execute the payload☆12Jul 7, 2022Updated 3 years ago
- Use powershell to getsystem with token dumplication☆10Dec 6, 2019Updated 6 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆14Dec 30, 2023Updated 2 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 8 months ago
- Kernel-based memory hacking framework communicating with a kernel driver via sockets.☆97May 25, 2021Updated 4 years ago
- Data and structures regarding the research done on WdFilter☆12Apr 15, 2020Updated 5 years ago
- A python tool to parse and describe the SDDL string.☆17Jan 5, 2026Updated 2 months ago
- Scrape GrayHat Warefare for leaked code signing certificates. Outputs certificate hashes to crack with JtR☆12Nov 25, 2023Updated 2 years ago
- A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-…☆24Jan 17, 2026Updated 2 months ago
- ☆15Mar 17, 2025Updated last year
- Proof of Concept Kernel-User Communication using System Thread.☆14Sep 24, 2023Updated 2 years ago
- ☆12Aug 10, 2019Updated 6 years ago
- A C Implementation for using a new method to invoke undetectable indirect syscalls☆20Dec 2, 2025Updated 3 months ago
- x86 and x64 assembly "read-eval-print loop" for Windows☆35Aug 13, 2017Updated 8 years ago
- Apex Legends External Cheat☆10Sep 18, 2021Updated 4 years ago
- ☆29Dec 29, 2022Updated 3 years ago
- Anti-rootkit works as a Windows system driver.☆13Mar 14, 2022Updated 4 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Jul 9, 2023Updated 2 years ago