zer0condition / ZeroThreadKernel
Recursive and arbitrary code execution at kernel-level without a system thread creation
☆154Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ZeroThreadKernel
- PoC Anti-Rootkit/Anti-Cheat Driver.☆160Updated 2 months ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆224Updated 4 months ago
- manual map unsigned driver over signed memory☆183Updated 7 months ago
- ☆225Updated 2 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆178Updated 3 weeks ago
- Inline syscalls made for MSVC supporting x64 and WOW64☆175Updated last year
- State of the art DLL injector that took 20 minutes to make☆207Updated last year
- Using Windows' own bootloader as a shim to bypass Secure Boot☆142Updated 4 months ago
- Admin to Kernel code execution using the KSecDD driver☆236Updated 7 months ago
- Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…☆165Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆106Updated last year
- Windows x64 kernel mode rootkit process hollowing POC.☆182Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆210Updated last year
- Bypassing PatchGuard on modern x64 systems☆245Updated last year
- Create a new thread that will suspend every thread and encrypt its stack, then going to sleep , then decrypt the stacks and resume thread…☆156Updated last year
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆100Updated last year
- Scan for potentially vulnerable drivers☆80Updated 2 years ago
- simple Windows handle hijacker with a nod to Apxaey for inspiration☆201Updated last year
- Lenovo Diagnostics Driver EoP - Arbitrary R/W☆169Updated last year
- Reverse engineering winapi function loadlibrary.☆70Updated last year
- spoof return address☆70Updated last year
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆67Updated last month
- Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.☆245Updated last year
- DSE & PG bypass via BYOVD attack☆37Updated 7 months ago
- Finding Truth in the Shadows☆84Updated last year
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆123Updated 2 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆261Updated last month
- A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.☆42Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆93Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆237Updated 2 years ago