zeze-zeze / WindowsKernelVuln
☆44 Updated last year
Related projects
Alternatives and complementary repositories for WindowsKernelVuln
- ☆26 Updated this week
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021) ☆102 Updated 3 years ago
- ☆29 Updated last year
- This repo contains EXPs about Vulnerable Windows Driver ☆19 Updated 6 months ago
- ☆57 Updated last year
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions ☆100 Updated last year
- PoC capable of detecting manual syscalls from usermode. ☆183 Updated 3 years ago
- Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes. ☆66 Updated 3 years ago
- Finding Truth in the Shadows ☆84 Updated last year
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021) ☆160 Updated 3 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections ☆95 Updated last year
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver ☆50 Updated last year
- Windows PE Signature Thief in C++ ☆50 Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆62 Updated 2 years ago
- Windows LPE exploit for CVE-2022-37969 ☆130 Updated last year
- Load static-compiled PE from remote server. ☆58 Updated 2 years ago
- spoof return address ☆70 Updated last year
- windows rootkit ☆51 Updated 6 months ago
- Scan for potentially vulnerable drivers ☆80 Updated 2 years ago
- Uses physical memory mapping to achieve pseudo-hiding of virtual memory ☆73 Updated 2 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself && ☆52 Updated this week
- A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs. ☆42 Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut… ☆106 Updated last year
- Call NtCreateUserProcess directly as normal. ☆66 Updated 2 years ago
- Compact MBR Bootkit for Windows ☆44 Updated 2 years ago
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication. ☆67 Updated last month
- Hook NtDeviceIoControlFile with PatchGuard ☆101 Updated 2 years ago
- Kill Protected Process Light Process (include av) ☆54 Updated last year
- Report and exploit of CVE-2023-36427 ☆87 Updated last year
- LPE exploit for CVE-2023-36802 ☆22 Updated last year