zeze-zeze/ioctlance

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/zeze-zeze/ioctlance)

zeze-zeze / ioctlance

A tool that is used to hunt vulnerabilities in x64 WDM drivers

☆441

Alternatives and similar repositories for ioctlance

Users that are interested in ioctlance are comparing it to the libraries listed below

Sorting:

floesen / KExecDD
View on GitHub
Admin to Kernel code execution using the KSecDD driver
☆264Apr 19, 2024Updated last year
janoglezcampos / llvm-yx-callobfuscator
View on GitHub
LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
☆324Jan 17, 2024Updated 2 years ago
ucsb-seclab / popkorn-artifact
View on GitHub
☆90Aug 16, 2025Updated 6 months ago
waleedassar / SimpleNTSyscallFuzzer
View on GitHub
☆149Jan 25, 2024Updated 2 years ago
exploits-forsale / prefetch-tool
View on GitHub
Windows KASLR bypass using prefetch side-channel
☆178Apr 26, 2024Updated last year
0vercl0k / symbolizer-rs
View on GitHub
A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.
☆100Jan 3, 2026Updated 2 months ago
eversinc33 / Banshee
View on GitHub
Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
☆591Aug 2, 2025Updated 7 months ago
GetRektBoy724 / DCMB
View on GitHub
Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
☆251Jul 9, 2024Updated last year
eversinc33 / unKover
View on GitHub
Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.
☆297Dec 10, 2025Updated 2 months ago
senzee1984 / InflativeLoading
View on GitHub
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
☆325Apr 12, 2024Updated last year
klezVirus / DriverJack
View on GitHub
Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
☆360Aug 11, 2024Updated last year
zeze-zeze / NamedPipeMaster
View on GitHub
a tool used to analyze and monitor in named pipes
☆194Oct 27, 2024Updated last year
es3n1n / obfuscator
View on GitHub
PE (and elf now!) bin2bin obfuscator
☆823Oct 11, 2025Updated 4 months ago
klezVirus / RpcProxyInvoke
View on GitHub
Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
☆137Aug 10, 2024Updated last year
EgeBalci / deoptimizer
View on GitHub
Evasion by machine code de-optimization.
☆417Jul 22, 2024Updated last year
Cr4sh / KernelForge
View on GitHub
A library to develop kernel level Windows payloads for post HVCI era
☆487May 18, 2021Updated 4 years ago
S3cur3Th1sSh1t / Caro-Kann
View on GitHub
Encrypted shellcode Injection to avoid Kernel triggered memory scans
☆406Sep 12, 2023Updated 2 years ago
passthehashbrowns / VectoredExceptionHandling
View on GitHub
☆108Aug 21, 2024Updated last year
ColeHouston / Sunder
View on GitHub
Windows rootkit designed to work with BYOVD exploits
☆216Jan 18, 2025Updated last year
Idov31 / Jormungandr
View on GitHub
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
☆243Sep 26, 2023Updated 2 years ago
WKL-Sec / LayeredSyscall
View on GitHub
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
☆299Jul 31, 2024Updated last year
VoidSec / DriverBuddyReloaded
View on GitHub
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
☆412Jul 4, 2025Updated 8 months ago
antonioCoco / SspiUacBypass
View on GitHub
Bypassing UAC with SSPI Datagram Contexts
☆462Sep 24, 2023Updated 2 years ago
Teach2Breach / early_cascade_inj_rs
View on GitHub
early cascade injection PoC based on Outflanks blog post, in rust
☆62Nov 8, 2024Updated last year
0dayResearchLab / msFuzz
View on GitHub
msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to …
☆218Dec 24, 2025Updated 2 months ago
xalicex / Killers
View on GitHub
Exploitation of process killer drivers
☆202Oct 17, 2023Updated 2 years ago
SamuelTulach / HookGuard
View on GitHub
Hooking Windows' exception dispatcher to protect process's PML4
☆227Jan 24, 2025Updated last year
Kudaes / Shelter
View on GitHub
ROP-based sleep obfuscation to evade memory scanners
☆376Jun 22, 2025Updated 8 months ago
icyguider / LatLoader
View on GitHub
PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
☆308Dec 9, 2023Updated 2 years ago
Slowerzs / KeyJumper
View on GitHub
☆54Mar 26, 2025Updated 11 months ago
Kudaes / rust_tips_and_tricks
View on GitHub
Rust For Windows Cheatsheet
☆121Nov 26, 2025Updated 3 months ago
NtDallas / Draugr
View on GitHub
BOF with Synthetic Stackframe
☆230Oct 30, 2025Updated 4 months ago
deepinstinct / DCOMUploadExec
View on GitHub
DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
☆382Dec 13, 2024Updated last year
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆283Sep 18, 2024Updated last year
NVISOsecurity / Interceptor
View on GitHub
Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
☆136Jan 2, 2023Updated 3 years ago
daem0nc0re / VectorKernel
View on GitHub
PoCs for Kernelmode rootkit techniques research.
☆435Nov 4, 2025Updated 4 months ago
huntandhackett / process-cloning
View on GitHub
The Definitive Guide To Process Cloning on Windows
☆543Jan 3, 2024Updated 2 years ago
namazso / MagicSigner
View on GitHub
Signtool for expired certificates
☆514Jun 10, 2023Updated 2 years ago
gabriellandau / ItsNotASecurityBoundary
View on GitHub
☆194Jul 29, 2024Updated last year