Alternatives and similar repositories for windows-kernel-exploits

Users that are interested in windows-kernel-exploits are comparing it to the libraries listed below

• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆164Updated last month
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆246Updated 3 years ago
• zerozenxlabs / CVE-2023-36424
  Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
  ☆128Updated last year
• exploits-forsale / prefetch-tool
  Windows KASLR bypass using prefetch side-channel
  ☆173Updated last year
• fortra / CVE-2022-37969
  Windows LPE exploit for CVE-2022-37969
  ☆136Updated 2 years ago
• TakahiroHaruyama / VDR
  Vulnerable driver research tool, result and exploit PoCs
  ☆227Updated 2 years ago
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆153Updated 2 months ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆236Updated 2 years ago
• jonaslyk / exploitkitpub
  ☆98Updated 4 years ago
• sathwikch / windows-exploitation
  ☆55Updated 7 years ago
• ommadawn46 / HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2
  HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
  ☆65Updated 9 months ago
• 0vercl0k / rp-bf.rs
  rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump
  ☆121Updated last year
• waleedassar / RestrictedKernelLeaks
  ☆163Updated 4 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆260Updated 4 years ago
• waleedassar / SimpleNTSyscallFuzzer
  ☆149Updated 2 years ago
• fortra / CVE-2023-28252
  ☆179Updated 2 years ago
• forrest-orr / Exploits
  A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…
  ☆123Updated 3 years ago
• exploits-forsale / 24h2-nt-exploit
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆149Updated last year
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆95Updated 4 years ago
• D4m0n / CVE-2025-50168-pwn2own-berlin-2025
  CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.
  ☆139Updated 2 months ago
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆24Updated 2 years ago
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆207Updated 4 months ago
• ucsb-seclab / popkorn-artifact
  ☆85Updated 5 months ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆68Updated 11 months ago
• hugsy / recon_2024_windbg_workshop
  ☆74Updated last year
• Nero22k / Exploits
  Repo with different exploits & PoCs
  ☆66Updated 8 months ago
• daem0nc0re / SharpWnfSuite
  C# Utilities for Windows Notification Facility
  ☆159Updated 9 months ago
• 0x00Jeff / BetterGetProcAddress
  POC of a better implementation of GetProcAddress for ntdll using binary search
  ☆111Updated last year
• alfarom256 / CVE-2022-3699
  Lenovo Diagnostics Driver EoP - Arbitrary R/W
  ☆175Updated 3 years ago
• riskydissonance / SyscallsExample
  Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
  ☆75Updated 4 years ago