Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by surgically patching SeCiCallbacks via native subsystem. Includes anti-loop protection and dual-path architecture. Windows 11 25H2 driver signature enforcement bypass
⭐ 245 · Apr 9, 2026 · Updated 2 months ago
Alternatives and similar repositories for KernelResearchKit
Users that are interested in KernelResearchKit are comparing it to the libraries listed below.
- 🔬 IDA plugin to find patched memory ⭐ 90 · Jun 1, 2026 · Updated last month
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ⭐ 107 · Feb 25, 2025 · Updated last year
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in … ⭐ 59 · Dec 30, 2025 · Updated 6 months ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1 ⭐ 81 · Sep 8, 2025 · Updated 9 months ago
- Minimalistic HTTP(S) client for the NT kernel ⭐ 61 · Dec 1, 2025 · Updated 7 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection ⭐ 74 · Dec 26, 2025 · Updated 6 months ago
- vm_str.hpp is a header only string obfuscator. ⭐ 113 · Aug 24, 2025 · Updated 10 months ago
- kASLR bypass technique on Intel CPUs. ⭐ 34 · May 18, 2025 · Updated last year
- Surgical UNWIND_INFO preservation for sleep masking without call stack spoofing. ⭐ 55 · Mar 30, 2026 · Updated 3 months ago
- ⭐ 103 · Oct 25, 2025 · Updated 8 months ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to… ⭐ 45 · Nov 4, 2025 · Updated 7 months ago
- A series of exploits targeting eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W ⭐ 121 · Oct 19, 2025 · Updated 8 months ago
- Shellcode capable of bypassing EAF / IAF mitigations ⭐ 30 · Apr 11, 2023 · Updated 3 years ago
- sigreturn-oriented (SROP) based sleep obfuscation PoC for Linux ⭐ 70 · Dec 15, 2025 · Updated 6 months ago
- KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulatio… ⭐ 285 · May 28, 2026 · Updated last month
- Monitor Kernel pool allocations tags ⭐ 79 · May 30, 2026 · Updated last month
- Hotkey-based keylogger for Windows ⭐ 33 · Oct 17, 2024 · Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. ⭐ 168 · Jul 30, 2025 · Updated 11 months ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e… ⭐ 47 · Mar 3, 2026 · Updated 3 months ago
- Automatic vtable detection, inheritance analysis, and function override tracking for reverse engineering compiled C++ binaries. Supports … ⭐ 141 · Mar 13, 2026 · Updated 3 months ago
- Tor transport bridge for Sliver C2 - anonymous command and control ⭐ 47 · Jan 20, 2026 · Updated 5 months ago
- An IDA Hex-Rays microcode filter that lifts AVX/AVX2/AVX-512/AVX10 and VMX/VT-x instructions to intrinsics. ⭐ 97 · Jun 17, 2026 · Updated 2 weeks ago
- Advanced PoC & Research for CVE-2026-0828 (Safetica) and CVE-2025-7771 (ThrottleStop). Analysis of BYOVD (Bring Your Own Vulnerable Drive… ⭐ 43 · Feb 4, 2026 · Updated 4 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP ⭐ 64 · Oct 19, 2024 · Updated last year
- Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty ⭐ 102 · Feb 1, 2026 · Updated 4 months ago
- BOF to decrypt Signal Desktop chat logs ⭐ 70 · Feb 20, 2025 · Updated last year
- 巨瑬 ⭐ 17 · Oct 4, 2023 · Updated 2 years ago
- Windows Error Reporting ALPC Elevation of Privilege (CVE-2026-20817) - Proof-of-Concept exploit demonstrating local privilege escalation … ⭐ 126 · Feb 19, 2026 · Updated 4 months ago
- Control Flow Linearization ⭐ 26 · May 4, 2025 · Updated last year
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code. ⭐ 336 · Mar 12, 2026 · Updated 3 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ⭐ 68 · May 2, 2023 · Updated 3 years ago
- ⭐ 18 · Jan 11, 2026 · Updated 5 months ago
- nmi stackwalking + module verification ⭐ 171 · Dec 28, 2023 · Updated 2 years ago
- Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll ⭐ 41 · Mar 11, 2026 · Updated 3 months ago
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation ⭐ 134 · Mar 27, 2026 · Updated 3 months ago
- A bin2bin code virtualizer for x86-64 PE's ⭐ 158 · Jun 6, 2026 · Updated 3 weeks ago
- Very easy to use pdb parsing library with only one header file, You can use it even if you are a fool. ⭐ 12 · Feb 12, 2026 · Updated 4 months ago
- Structor is a Hex-Rays plugin that synthesizes C structures from raw pointer arithmetic. ⭐ 92 · Apr 28, 2026 · Updated 2 months ago
- Coefficient-Based Reconstruction of Arithmetic - a Mixed Boolean-Arithmetic (MBA) expression simplifier for deobfuscation ⭐ 293 · Jun 10, 2026 · Updated 3 weeks ago