zeze-zeze / ioctlanceLinks
A tool that is used to hunt vulnerabilities in x64 WDM drivers
☆199Updated 2 months ago
Alternatives and similar repositories for ioctlance
Users that are interested in ioctlance are comparing it to the libraries listed below
Sorting:
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆227Updated 2 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆203Updated last month
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆151Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆153Updated 2 months ago
- ☆145Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆142Updated 9 months ago
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆203Updated 7 months ago
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆117Updated 2 weeks ago
- Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)☆263Updated 9 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆245Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆250Updated last year
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆361Updated 7 months ago
- compile-time control flow obfuscation using mba☆185Updated last year
- Vulnerable driver research tool, result and exploit PoCs☆193Updated last year
- Windows KASLR bypass using prefetch side-channel☆100Updated last year
- msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to …☆185Updated 2 weeks ago
- Collection of hypervisor detections☆236Updated 8 months ago
- Single header version of System Informer's phnt library.☆221Updated last week
- ☆90Updated last year
- ☆69Updated 2 years ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆143Updated 2 years ago
- ☆139Updated 3 weeks ago
- Reverse engineering winapi function loadlibrary.☆194Updated 2 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆219Updated 5 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- a tool used to analyze and monitor in named pipes☆164Updated 7 months ago
- Debugger Anti-Detection Benchmark☆332Updated last year
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆124Updated last year
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆151Updated 2 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆238Updated 3 years ago