xsh3llsh0ck / MilkBox
Tool to dump EFI runtime drivers.
☆39 · Feb 23, 2024 · Updated last year
Alternatives and similar repositories for MilkBox
Users that are interested in MilkBox are comparing it to the libraries listed below
- Another UEFI runtime bootkit ☆36 · May 8, 2023 · Updated 2 years ago
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication. ☆115 · Oct 15, 2024 · Updated last year
- Small driver that uses alternative syscalls feature (the project is still under development). ☆18 · May 9, 2024 · Updated last year
- Example of using Windows Platform Binary Table (WPBT) ☆27 · Jul 9, 2023 · Updated 2 years ago
- A utility that can be used to launch an executable with a DLL injected ☆19 · Nov 20, 2023 · Updated 2 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT" ☆22 · Feb 19, 2023 · Updated 2 years ago
- ☆12 · Jun 30, 2019 · Updated 6 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI ☆79 · Dec 21, 2022 · Updated 3 years ago
- devirtualizer for memevm ☆17 · May 26, 2020 · Updated 5 years ago
- ☆35 · Dec 21, 2023 · Updated 2 years ago
- PAGE_GUARD based hooking library ☆52 · Jul 25, 2022 · Updated 3 years ago
- ☆24 · Aug 27, 2021 · Updated 4 years ago
- A demonstration of hooking into the VMProtect-2 virtual machine ☆23 · Nov 9, 2023 · Updated 2 years ago
- A mechanism that trampoline hooks functions in x86/x64 systems. ☆21 · Oct 9, 2024 · Updated last year
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE. ☆20 · Feb 2, 2024 · Updated 2 years ago
- A post-processing script for TinyTracer ☆39 · Mar 22, 2023 · Updated 2 years ago
- ☆22 · Oct 18, 2023 · Updated 2 years ago
- the Open Source and Pure C++ Packer for eXecutables ☆21 · Mar 25, 2023 · Updated 2 years ago
- PoC over some VMP features ☆24 · Jul 26, 2025 · Updated 6 months ago
- Bypassing kernel patch protection runtime ☆21 · Feb 19, 2023 · Updated 2 years ago
- simple trampoline hooking PoC ☆14 · Nov 8, 2023 · Updated 2 years ago
- Exploit POC for CVE-2024-36877 ☆48 · Aug 14, 2024 · Updated last year
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols) ☆68 · Aug 11, 2023 · Updated 2 years ago
- EFI bootkit for loading unsigned drivers ☆35 · Jun 28, 2024 · Updated last year
- Resolve DOS MZ executable symbols at runtime ☆96 · Nov 12, 2021 · Updated 4 years ago
- ☆264 · Sep 2, 2025 · Updated 5 months ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep. ☆16 · Nov 1, 2023 · Updated 2 years ago
- Exploit for CVE-2024-3273, supports single and multiple hosts ☆13 · Apr 7, 2024 · Updated last year
- hide data in no_access memory pages ☆13 · Jun 5, 2024 · Updated last year
- Volatility 3 plugins to extract a module as complete as possible ☆12 · Jun 13, 2023 · Updated 2 years ago
- Leveraging Platform Trust Technology (PTT) to defeat Driver Signing Enforcement (DSE) to run Kernel Drivers (KMDF) with Secure Boot Enabl… ☆13 · Aug 22, 2022 · Updated 3 years ago
- This project demonstrates multiple protection and anti-analysis techniques, including self-modifying code. ☆14 · Oct 9, 2023 · Updated 2 years ago
- ☆11 · Apr 18, 2024 · Updated last year
- Scan websites' CSP policies and visualise their vulnerabilities from a dashboard ☆13 · Mar 11, 2025 · Updated 11 months ago
- Repository of vulnerabilities disclosed by ESET ☆29 · Jul 13, 2022 · Updated 3 years ago
- VMProtect, VMP, Devirter, 3,5 ☆113 · Jan 30, 2023 · Updated 3 years ago
- A C++17 framework designed to enable obfuscation of constants, variables, and strings. ☆23 · Nov 6, 2023 · Updated 2 years ago
- SMM UEFI module and client for UMD privilege escalation ☆65 · May 29, 2025 · Updated 8 months ago
- x64 Windows implementation of virtual-address to physical-address translation ☆46 · Jun 3, 2021 · Updated 4 years ago