yardenshafir/IoRingReadWritePrimitive external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

yardenshafir/IoRingReadWritePrimitive

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/yardenshafir/IoRingReadWritePrimitive)

Close

yardenshafir / IoRingReadWritePrimitiveView on GitHubMore

• External links
• Readme badge

Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2

☆252Jul 5, 2022Updated 3 years ago

Alternatives and similar repositories for IoRingReadWritePrimitive

Users that are interested in IoRingReadWritePrimitive are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation

  View on GitHub
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆262Sep 1, 2022Updated 3 years ago
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion

  View on GitHub
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆214Jul 2, 2020Updated 5 years ago
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆497May 18, 2021Updated 4 years ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• Sentinel-One / peafl64

  View on GitHub
  Static Binary Instrumentation tool for Windows x64 executables
  ☆205Sep 29, 2025Updated 6 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• gmh5225 / CallMeWin32kDriver

  View on GitHub
  Load your driver like win32k.sys
  ☆259Aug 20, 2022Updated 3 years ago
• connormcgarr / EATGuard

  View on GitHub
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆115May 21, 2023Updated 2 years ago
• KaLendsi / CVE-2021-43224-POC

  View on GitHub
  Windows Common Log File System Driver POC
  ☆95Dec 21, 2021Updated 4 years ago
• fortra / CVE-2022-37969

  View on GitHub
  Windows LPE exploit for CVE-2022-37969
  ☆135Jul 11, 2023Updated 2 years ago
• ionescu007 / clfs-docs

  View on GitHub
  Unofficial Common Log File System (CLFS) Documentation
  ☆189Oct 5, 2021Updated 4 years ago
• chompie1337 / Windows_MSKSSRV_LPE_CVE-2023-36802

  View on GitHub
  LPE exploit for CVE-2023-36802
  ☆166Oct 10, 2023Updated 2 years ago
• alfarom256 / MCP-PoC

  View on GitHub
  Minifilter Callback Patching Proof-of-Concept
  ☆74Oct 31, 2022Updated 3 years ago
• waleedassar / ALPC_CLIENT_SERVER

  View on GitHub
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Jan 25, 2022Updated 4 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆268Aug 31, 2022Updated 3 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• WithSecureLabs / CallStackSpoofer

  View on GitHub
  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
  ☆563Apr 8, 2025Updated last year
• alfarom256 / CVE-2022-3699

  View on GitHub
  Lenovo Diagnostics Driver EoP - Arbitrary R/W
  ☆176Dec 5, 2022Updated 3 years ago
• alal4465 / Practical-Reverse-Engineering-Solutions

  View on GitHub
  Some drivers I've written while solving exercises from Practical Reverse Engineering
  ☆15Jan 9, 2022Updated 4 years ago
• xforcered / Windows_LPE_AFD_CVE-2023-21768

  View on GitHub
  LPE exploit for CVE-2023-21768
  ☆419Mar 8, 2023Updated 3 years ago
• sam-b / windows_kernel_address_leaks

  View on GitHub
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆637Jul 7, 2017Updated 8 years ago
• nccgroup / DetectWindowsCopyOnWriteForAPI

  View on GitHub
  Enumerate various traits from Windows processes as an aid to threat hunting
  ☆201Jan 13, 2022Updated 4 years ago
• kkent030315 / CVE-2022-42046

  View on GitHub
  CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM
  ☆162Dec 24, 2022Updated 3 years ago
• KiFilterFiberContext / warbird-obfuscator

  View on GitHub
  Integration of Microsoft Warbird with the MSVC compiler
  ☆134Jul 16, 2023Updated 2 years ago
• muturikaranja / kernel-windowless-wndproc-hook

  View on GitHub
  hooks gServerHandlers xxxEventWndProc
  ☆13May 1, 2022Updated 3 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• csandker / InterProcessCommunication-Samples

  View on GitHub
  Some Code Samples for Windows based Inter-Process-Communication (IPC)
  ☆211Feb 29, 2024Updated 2 years ago
• lowleveldesign / comon

  View on GitHub
  A WinDbg extension to trace COM interactions
  ☆131Aug 14, 2025Updated 7 months ago
• exploits-forsale / prefetch-tool

  View on GitHub
  Windows KASLR bypass using prefetch side-channel
  ☆179Apr 26, 2024Updated last year
• waleedassar / SimpleNTSyscallFuzzer

  View on GitHub
  ☆150Jan 25, 2024Updated 2 years ago
• yardenshafir / PoolViewer

  View on GitHub
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆151Mar 2, 2023Updated 3 years ago
• vp777 / exploit-dev

  View on GitHub
  ☆12Aug 31, 2022Updated 3 years ago
• klezVirus / SilentMoonwalk

  View on GitHub
  PoC Implementation of a fully dynamic call stack spoofer
  ☆943Jul 20, 2024Updated last year
• yardenshafir / cet-research

  View on GitHub
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆90Oct 6, 2020Updated 5 years ago
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆126Jan 26, 2023Updated 3 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• Cracked5pider / Ekko

  View on GitHub
  Sleep Obfuscation
  ☆824Dec 3, 2023Updated 2 years ago
• noct-ml / DrvMon

  View on GitHub
  Advanced driver monitoring utility.
  ☆217Mar 7, 2026Updated last month
• FuzzySecurity / BulkBindex

  View on GitHub
  Winbindex bot to pull in binaries for specific releases
  ☆50Sep 15, 2023Updated 2 years ago
• chompie1337 / Windows_LPE_AFD_CVE-2023-21768

  View on GitHub
  LPE exploit for CVE-2023-21768
  ☆504Jul 10, 2023Updated 2 years ago
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,051Sep 24, 2023Updated 2 years ago
• KangD1W2 / CVE-2021-26868

  View on GitHub
  ☆11Apr 26, 2021Updated 4 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆673Dec 23, 2022Updated 3 years ago