zodiacon / Recon2023

Related projects ⓘ

Alternatives and complementary repositories for Recon2023

• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆111Updated 4 months ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆115Updated last year
• 0vercl0k / snapshot
  WinDbg extension written in Rust to dump the CPU / memory state of a running VM
  ☆111Updated 2 weeks ago
• pmatula / Windows-Internals-Learning-Resources
  ☆95Updated 2 months ago
• AaLl86 / WindowsInternals
  Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book
  ☆101Updated 4 months ago
• hugsy / recon_2024_windbg_workshop
  ☆71Updated 4 months ago
• struppigel / hedgehog-tools
  ☆111Updated 2 weeks ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆93Updated last year
• jk45054 / CTF-writeups
  Writeups for CTF challenges
  ☆30Updated last year
• jonaslyk / exploitkitpub
  ☆95Updated 2 years ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆66Updated 7 months ago
• xalicex / kernel-debug-lab-for-virtual-box
  How to set up 2 VirtualBox VM to debug kernel driver using windbg
  ☆50Updated 2 years ago
• tandasat / hvext
  The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.
  ☆130Updated last month
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆238Updated 7 months ago
• jonaslyk / temp
  ☆65Updated last year
• jsecurity101 / ETWInspector
  ☆153Updated 6 months ago
• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆111Updated 2 months ago
• zodiacon / syllabi
  ☆61Updated 9 months ago
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆221Updated 2 years ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆95Updated 7 months ago
• gabriellandau / ItsNotASecurityBoundary
  ☆142Updated 3 months ago
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆18Updated last year
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆85Updated last year
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆126Updated 7 months ago
• buzzer-re / Shinigami
  A dynamic unpacking tool
  ☆128Updated last year
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆46Updated last year
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆180Updated 3 weeks ago
• 0vercl0k / rp-bf.rs
  rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump
  ☆112Updated 6 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆63Updated 2 months ago
• p0dalirius / pdbdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆116Updated 4 months ago