zeze-zeze / ioctlanceView external linksLinks
A tool that is used to hunt vulnerabilities in x64 WDM drivers
☆436Dec 7, 2025Updated 2 months ago
Alternatives and similar repositories for ioctlance
Users that are interested in ioctlance are comparing it to the libraries listed below
Sorting:
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆321Jan 17, 2024Updated 2 years ago
- ☆86Aug 16, 2025Updated 6 months ago
- ☆149Jan 25, 2024Updated 2 years ago
- Windows KASLR bypass using prefetch side-channel☆175Apr 26, 2024Updated last year
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆100Jan 3, 2026Updated last month
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆587Aug 2, 2025Updated 6 months ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆246Jul 9, 2024Updated last year
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.☆294Dec 10, 2025Updated 2 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆358Aug 11, 2024Updated last year
- PE (and elf now!) bin2bin obfuscator☆810Oct 11, 2025Updated 4 months ago
- a tool used to analyze and monitor in named pipes☆193Oct 27, 2024Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆136Aug 10, 2024Updated last year
- Evasion by machine code de-optimization.☆416Jul 22, 2024Updated last year
- A library to develop kernel level Windows payloads for post HVCI era☆483May 18, 2021Updated 4 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆407Sep 12, 2023Updated 2 years ago
- ☆106Aug 21, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆214Jan 18, 2025Updated last year
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆243Sep 26, 2023Updated 2 years ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆296Jul 31, 2024Updated last year
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆411Jul 4, 2025Updated 7 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆225Jan 24, 2025Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆460Sep 24, 2023Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to …☆217Dec 24, 2025Updated last month
- Exploitation of process killer drivers☆202Oct 17, 2023Updated 2 years ago
- ROP-based sleep obfuscation to evade memory scanners☆375Jun 22, 2025Updated 7 months ago
- BOF with Synthetic Stackframe☆220Oct 30, 2025Updated 3 months ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- ☆53Mar 26, 2025Updated 10 months ago
- Rust For Windows Cheatsheet☆121Nov 26, 2025Updated 2 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- The Definitive Guide To Process Cloning on Windows☆539Jan 3, 2024Updated 2 years ago
- PoCs for Kernelmode rootkit techniques research.☆429Nov 4, 2025Updated 3 months ago
- Signtool for expired certificates☆515Jun 10, 2023Updated 2 years ago
- Finding Truth in the Shadows☆120Jan 26, 2023Updated 3 years ago