zeze-zeze / WindowsKernelVuln
☆44Updated last year
Related projects ⓘ
Alternatives and complementary repositories for WindowsKernelVuln
- ☆25Updated 10 months ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆101Updated 3 years ago
- ☆29Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆19Updated 5 months ago
- PoC capable of detecting manual syscalls from usermode.☆182Updated 3 years ago
- ☆56Updated last year
- Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.☆67Updated 3 years ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆81Updated last year
- Windows LPE exploit for CVE-2022-37969☆130Updated last year
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆95Updated last year
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆100Updated last year
- https://key08.com/index.php/2021/10/19/1375.html☆62Updated 2 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆160Updated 3 years ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated last year
- 利用物理内存映射,实现虚拟内存的伪隐藏☆72Updated 2 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆51Updated 2 months ago
- Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver☆143Updated last year
- Windows PE Signature Thief in C++☆50Updated 4 years ago
- CVE-2022-3699 with arbitrary kernel code execution capability☆70Updated last year
- Finding Truth in the Shadows☆84Updated last year
- An implementation of an indirect system call☆116Updated last year
- bring your own vulnerable driver☆82Updated last year
- Windows API Call Obfuscation☆86Updated last year
- Kill Protected Process Light Process (include av)☆54Updated last year
- LPE exploit for CVE-2023-36802☆22Updated last year
- Call NtCreateUserProcess directly as normal.☆66Updated 2 years ago
- Load static-compiled PE from remote server.☆58Updated 2 years ago
- PoC Anti-Rootkit/Anti-Cheat Driver.☆157Updated last month
- A compact tool for detecting AV/EDR hooks in default Windows libraries.☆29Updated 2 years ago
- HackSysExtremeVulnerableDriver exploits for latest Windows 10 version☆16Updated 2 years ago