vxcall / kurLinks
a tiny code that performs kernel-mode read/write using CVE-2023-38817.
☆16Updated 5 months ago
Alternatives and similar repositories for kur
Users that are interested in kur are comparing it to the libraries listed below
Sorting:
- CVE-2022-3699 with arbitrary kernel code execution capability☆70Updated 2 years ago
- using wnbios64.sys for arbitrary r/w☆15Updated last year
- X86 Packer with Portable Executable compatibility.☆57Updated last month
- Exploit for eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆100Updated 2 weeks ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated 2 years ago
- Small handy tool for crafting shellcodes by hand.☆18Updated 3 years ago
- Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement☆13Updated last year
- Dynamically generated obfuscated jumps and/or function calls☆36Updated 2 years ago
- ntoskrnl .data hooks for UM-KM communication☆51Updated last year
- Detect BypassUAC using AMSI☆26Updated 7 months ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Updated 4 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆73Updated 2 years ago
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆72Updated 5 months ago
- Windows API Call Obfuscation☆109Updated 2 years ago
- ☆21Updated 3 years ago
- Compileable POC of namazso's x64 return address spoofer.☆50Updated 5 years ago
- Finding Truth in the Shadows☆116Updated 2 years ago
- windows rootkit☆61Updated last year
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆89Updated 2 years ago
- bootkit驱动映射,三环进程注入加载指定模块☆14Updated 11 months ago
- NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version☆32Updated last year
- spoof return address☆77Updated 2 years ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆67Updated last year
- Hook all callbacks which are registered with LdrRegisterDllNotification☆90Updated 5 months ago
- silence file system monitoring components by hooking their minifilters☆59Updated last year
- Detours implementation (x64/x86) which used only ntdll import☆90Updated last year
- Implementation of several code injection techniques.☆24Updated 3 years ago
- Scan for potentially vulnerable drivers☆91Updated 3 years ago
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…☆32Updated 2 years ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆113Updated 3 years ago