Some of my windows kernel exploits for learning purposes
☆137May 18, 2022Updated 3 years ago
Alternatives and similar repositories for windows-kernel-exploits
Users that are interested in windows-kernel-exploits are comparing it to the libraries listed below
Sorting:
- ☆149Jun 5, 2023Updated 2 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆250Jul 5, 2022Updated 3 years ago
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆32Aug 23, 2023Updated 2 years ago
- ☆113May 24, 2022Updated 3 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆215Jul 2, 2020Updated 5 years ago
- OSED Practice binary☆25Nov 23, 2023Updated 2 years ago
- ☆153Jul 31, 2022Updated 3 years ago
- Sleep Obfuscation☆816Dec 3, 2023Updated 2 years ago
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion☆65Apr 22, 2025Updated 10 months ago
- Performing Indirect Clean Syscalls☆605Apr 19, 2023Updated 2 years ago
- Kernel Exploits☆260Jul 18, 2021Updated 4 years ago
- PoCs and tools for investigation of Windows process execution techniques☆952Feb 2, 2026Updated 3 weeks ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- ☆85Jan 12, 2022Updated 4 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- Leaked Windows processes handles identification tool☆291Mar 14, 2022Updated 3 years ago
- Kernel mode WinDbg extension and PoCs for token privilege investigation.☆900Jan 21, 2025Updated last year
- ☆59Jun 8, 2022Updated 3 years ago
- ☆26Sep 29, 2022Updated 3 years ago
- Tools and PoCs for Windows syscall investigation.☆368Dec 2, 2025Updated 2 months ago
- ☆118Aug 7, 2022Updated 3 years ago
- ☆41Feb 20, 2025Updated last year
- ☆333Sep 21, 2025Updated 5 months ago
- Notes, exploits, and other stuff that I create while learning Linux Kernel exploitation techniques☆96Mar 21, 2023Updated 2 years ago
- A bridge to launch managed applications (.NET) into MS signed exe via dll injection☆13Aug 29, 2020Updated 5 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆258Sep 1, 2022Updated 3 years ago
- ☆313May 16, 2022Updated 3 years ago
- Linux Kernel N-day Exploit/Analysis.☆65Oct 21, 2024Updated last year
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆557Apr 8, 2025Updated 10 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆119Apr 8, 2023Updated 2 years ago
- Implementation of several code injection techniques.☆24Mar 12, 2022Updated 3 years ago
- Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.☆936Mar 29, 2022Updated 3 years ago
- ☆777Oct 17, 2023Updated 2 years ago
- ☆1,787Aug 30, 2024Updated last year
- vulnerable windows binaries for exploitation practice☆49Jun 6, 2022Updated 3 years ago
- Some stuff for PHD2021☆14May 21, 2025Updated 9 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year