zeze-zeze / WindowsKernelVulnView external linksLinks
☆66May 25, 2023Updated 2 years ago
Alternatives and similar repositories for WindowsKernelVuln
Users that are interested in WindowsKernelVuln are comparing it to the libraries listed below
Sorting:
- Hook syscalls from ring0 without triggering PatchGuard☆24Oct 29, 2025Updated 3 months ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆53Dec 30, 2025Updated last month
- DSE & PG bypass via BYOVD attack☆77Jul 12, 2025Updated 7 months ago
- ☆85Mar 2, 2025Updated 11 months ago
- Elevate arbitrary MSR writes to kernel execution.☆44Sep 3, 2023Updated 2 years ago
- ☆61Aug 21, 2023Updated 2 years ago
- ☆12Jun 30, 2019Updated 6 years ago
- ☆67Sep 16, 2022Updated 3 years ago
- 正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令☆17Nov 30, 2024Updated last year
- just proof of concept. hooking MmCopyMemory PG safe.☆81Nov 13, 2023Updated 2 years ago
- a tool used to analyze and monitor in named pipes☆193Oct 27, 2024Updated last year
- ☆21Jan 15, 2025Updated last year
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆36Dec 17, 2025Updated last month
- ☆25Jan 6, 2025Updated last year
- ☆18Mar 28, 2023Updated 2 years ago
- Vulnerable driver research tool, result and exploit PoCs☆228Nov 1, 2023Updated 2 years ago
- This repo contains EXPs about Vulnerable Windows Driver☆47May 22, 2024Updated last year
- driver that communicates using a shared section☆86Mar 17, 2025Updated 10 months ago
- An x64 page table iterator written in C++ as a kernel mode windows driver.☆117May 25, 2021Updated 4 years ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆103Dec 8, 2024Updated last year
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆22Feb 10, 2024Updated 2 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆166May 17, 2023Updated 2 years ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆71Dec 27, 2022Updated 3 years ago
- .lib file for linking against the NT CRT☆18Mar 18, 2022Updated 3 years ago
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆436Dec 7, 2025Updated 2 months ago
- Exploitable drivers, you know what I mean☆153Nov 16, 2025Updated 2 months ago
- ☆24May 26, 2021Updated 4 years ago
- ☆21Apr 5, 2025Updated 10 months ago
- anti cheat drv open source☆19Apr 18, 2024Updated last year
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆382Jan 29, 2022Updated 4 years ago
- Based on physmeme☆74Apr 30, 2022Updated 3 years ago
- Lenovo Diagnostics Driver EoP - Arbitrary R/W☆177Dec 5, 2022Updated 3 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Sep 1, 2022Updated 3 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆26Apr 24, 2022Updated 3 years ago
- An advanced DKOM for drivers with "DRIVER_OBJECT"☆22Feb 19, 2023Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- A somewhat wide collection of various kernelmode-usermode communication methods in one repository (mainly just for learning purposes).☆383Sep 18, 2019Updated 6 years ago
- HackSysExtremeVulnerableDriver exploits for latest Windows 10 version☆26Jan 13, 2026Updated last month
- Translate virtual addresses to physical addresses from usermode.☆101Jun 7, 2024Updated last year