zeze-zeze / WindowsKernelVuln

Related projects ⓘ

Alternatives and complementary repositories for WindowsKernelVuln

• zeze-zeze / 2023iThome
  ☆26Updated this week
• aaaddress1 / wowGrail
  PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)
  ☆102Updated 3 years ago
• zeze-zeze / CYBERSEC2023-BYOVD-Demo
  ☆29Updated last year
• DriverHunter / Win-Driver-EXP
  This repo contains EXPs about Vulnerable Windows Driver
  ☆19Updated 6 months ago
• zeze-zeze / HITCON-2023-Demo-CVE-2023-20562
  ☆57Updated last year
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆100Updated last year
• jackullrich / syscall-detect
  PoC capable of detecting manual syscalls from usermode.
  ☆183Updated 3 years ago
• bluesadi / Heavens-Gate
  Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.
  ☆66Updated 3 years ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• aaaddress1 / wowInjector
  PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)
  ☆160Updated 3 years ago
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆95Updated last year
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated last year
• aaaddress1 / SignThief
  Windows PE Signature Thief in C++
  ☆50Updated 4 years ago
• huoji120 / Etw-Syscall
  https://key08.com/index.php/2021/10/19/1375.html
  ☆62Updated 2 years ago
• fortra / CVE-2022-37969
  Windows LPE exploit for CVE-2022-37969
  ☆130Updated last year
• aplyc1a / PEMemoryLoader
  Load static-compiled PE from remote server.
  ☆58Updated 2 years ago
• helloobaby / spoofcall
  spoof return address
  ☆70Updated last year
• shaygitub / windows-rootkit
  windows rootkit
  ☆51Updated 6 months ago
• Hemogl0bin / drvscanner
  Scan for potentially vulnerable drivers
  ☆80Updated 2 years ago
• A-Normal-User / Pretend_HideVirtualMemory
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆73Updated 2 years ago
• bopin2020 / WindowsCamp
  Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&
  ☆52Updated this week
• 66flags / inline-syscall
  A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.
  ☆42Updated last year
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆106Updated last year
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆66Updated 2 years ago
• Tserith / Parasite
  Compact MBR Bootkit for Windows
  ☆44Updated 2 years ago
• xsh3llsh0ck / Deadwing
  SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
  ☆67Updated last month
• cs1ime / DICHook
  Hook NtDeviceIoControlFile with PatchGuard
  ☆101Updated 2 years ago
• BeneficialCode / KPPL
  Kill Protected Process Light Process (include av)
  ☆54Updated last year
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆87Updated last year
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆22Updated last year