Usermode exploit to bypass any AC using a 0day shatter attack.
☆261Nov 26, 2025Updated 3 months ago
Alternatives and similar repositories for WaryasSWHE
Users that are interested in WaryasSWHE are comparing it to the libraries listed below
Sorting:
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆68Jan 19, 2026Updated last month
- ☆95Oct 25, 2025Updated 4 months ago
- Achieving code execution through abusing vectored exception handling☆17May 28, 2023Updated 2 years ago
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty☆88Feb 1, 2026Updated last month
- WinDbg-ext-MCP bridges your favorite LLM client (like Cursor, Claude, or VS Code) with WinDbg, enabling real-time, AI assisted kernel deb…☆79Sep 10, 2025Updated 5 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- VMProtect2 Deobfuscation Tooling☆90Nov 12, 2025Updated 3 months ago
- 在线安软识别☆12Aug 6, 2025Updated 7 months ago
- ☆366May 11, 2025Updated 9 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆227Jan 24, 2025Updated last year
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine☆41Jul 29, 2025Updated 7 months ago
- nmi stackwalking + module verification☆163Dec 28, 2023Updated 2 years ago
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆218Aug 31, 2025Updated 6 months ago
- Hijacking Hyper-V at Runtime with DDMA☆90Aug 13, 2025Updated 6 months ago
- COM-based DLL Surrogate Injection☆142Dec 9, 2025Updated 3 months ago
- Awesome MalDev Links☆41Mar 2, 2026Updated last week
- A Windows C++ OLE/COM Object explorer written in WTL.☆16Feb 28, 2025Updated last year
- tests to catch some sloppy hv impls☆32Dec 17, 2025Updated 2 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆194Feb 6, 2025Updated last year
- about how to make a anti-virus engine☆106May 22, 2025Updated 9 months ago
- ☆86Jan 21, 2025Updated last year
- Windows kernel ROP-only implant exposing R/W primitives☆44Feb 1, 2026Updated last month
- SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti…☆441Nov 3, 2025Updated 4 months ago
- A unique introduction to native runtime obfuscation.☆75Mar 2, 2025Updated last year
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆253Oct 26, 2024Updated last year
- find dll base addresses without PEB WALK☆161Jul 13, 2025Updated 7 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆140Apr 12, 2024Updated last year
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆54May 29, 2024Updated last year
- ☆24Jul 15, 2023Updated 2 years ago
- ☆23Oct 18, 2021Updated 4 years ago
- .data ptr swapper for newer win32k versions. (Supports Windows 11)☆37Jan 19, 2026Updated last month
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 8 months ago
- PoC Implementation of a fully dynamic call stack spoofer☆921Jul 20, 2024Updated last year
- VTIL2 is a ground-up reimagination of the VTIL Project, completely rewritten in modern C# with enterprise-grade architecture, performance…☆66Oct 29, 2025Updated 4 months ago
- How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver☆26May 29, 2023Updated 2 years ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆130Dec 24, 2025Updated 2 months ago