zeze-zeze / WindowsKernelVuln

Related projects ⓘ

Alternatives and complementary repositories for WindowsKernelVuln

• zeze-zeze / 2023iThome
  ☆25Updated 10 months ago
• aaaddress1 / wowGrail
  PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)
  ☆101Updated 3 years ago
• zeze-zeze / CYBERSEC2023-BYOVD-Demo
  ☆29Updated last year
• DriverHunter / Win-Driver-EXP
  This repo contains EXPs about Vulnerable Windows Driver
  ☆19Updated 5 months ago
• jackullrich / syscall-detect
  PoC capable of detecting manual syscalls from usermode.
  ☆182Updated 3 years ago
• zeze-zeze / HITCON-2023-Demo-CVE-2023-20562
  ☆56Updated last year
• bluesadi / Heavens-Gate
  Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.
  ☆67Updated 3 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆81Updated last year
• fortra / CVE-2022-37969
  Windows LPE exploit for CVE-2022-37969
  ☆130Updated last year
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆95Updated last year
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆100Updated last year
• huoji120 / Etw-Syscall
  https://key08.com/index.php/2021/10/19/1375.html
  ☆62Updated 2 years ago
• aaaddress1 / wowInjector
  PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)
  ☆160Updated 3 years ago
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated last year
• A-Normal-User / Pretend_HideVirtualMemory
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆72Updated 2 years ago
• bopin2020 / WindowsCamp
  Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&
  ☆51Updated 2 months ago
• Nero22k / cve-2023-29360
  Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
  ☆143Updated last year
• aaaddress1 / SignThief
  Windows PE Signature Thief in C++
  ☆50Updated 4 years ago
• estimated1337 / lenovo_exec
  CVE-2022-3699 with arbitrary kernel code execution capability
  ☆70Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• evilashz / PigSyscall
  An implementation of an indirect system call
  ☆116Updated last year
• Hagrid29 / BYOVDKit
  bring your own vulnerable driver
  ☆82Updated last year
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆86Updated last year
• BeneficialCode / KPPL
  Kill Protected Process Light Process (include av)
  ☆54Updated last year
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆22Updated last year
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆66Updated 2 years ago
• aplyc1a / PEMemoryLoader
  Load static-compiled PE from remote server.
  ☆58Updated 2 years ago
• eversinc33 / unKover
  PoC Anti-Rootkit/Anti-Cheat Driver.
  ☆157Updated last month
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆29Updated 2 years ago
• vportal / HEVD
  HackSysExtremeVulnerableDriver exploits for latest Windows 10 version
  ☆16Updated 2 years ago