yardenshafir/CVE-2020-1034

PoC demonstrating the use of cve-2020-1034 for privilege escalation

Language: C++ - Size: 21.5 KB - Last synced: 18 days ago - Pushed: about 3 years ago - Stars: 112 - Forks: 40

yardenshafir/MitigationFlagsCliTool

Command like tool to print mitigation flags for running processes in a memory dump

Language: C++ - Size: 22.5 KB - Last synced: about 1 month ago - Pushed: over 3 years ago - Stars: 36 - Forks: 16

yardenshafir/WinDbg_Scripts

Useful scripts for WinDbg using the debugger data model

Language: JavaScript - Size: 1.78 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 339 - Forks: 56

yardenshafir/SymlinkCallback

A driver that hooks C: volume using symbolic link callback to track all FS access to the volume

Language: C++ - Size: 19.5 KB - Last synced: 3 months ago - Pushed: about 4 years ago - Stars: 99 - Forks: 40

yardenshafir/IoRingReadWritePrimitive

Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2

Language: C++ - Size: 23.4 KB - Last synced: 6 months ago - Pushed: almost 2 years ago - Stars: 185 - Forks: 44

yardenshafir/PoolViewer

An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.

Language: C++ - Size: 6.3 MB - Last synced: 6 months ago - Pushed: about 1 year ago - Stars: 112 - Forks: 24

yardenshafir/KernelDataStructureFinder

Driver and WinDBG scripts to dump information about all resources and lookaside lists

Language: C++ - Size: 5.86 KB - Last synced: 7 months ago - Pushed: about 4 years ago - Stars: 61 - Forks: 24

yardenshafir/LOLDrivers Fork of magicsword-io/LOLDrivers

Living Off The Land Drivers

Language: YARA - Size: 99.4 MB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 1 - Forks: 0

yardenshafir/cet-research

A collection of tools, source code, and papers researching Windows' implementation of CET.

Language: C - Size: 139 KB - Last synced: 7 months ago - Pushed: over 3 years ago - Stars: 57 - Forks: 14

yardenshafir/conference_talks

Slides from various conference talks

Size: 5.22 MB - Last synced: 12 months ago - Pushed: 12 months ago - Stars: 28 - Forks: 7

yardenshafir/IoRing_Demos

A repository for I/O ring demos, use cases and performance testing on Windows

Language: C++ - Size: 39.1 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 31 - Forks: 10

yardenshafir/InformationClasses

Documenting system information classes and their uses

Size: 42 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 38 - Forks: 9

yardenshafir/CallbackObjectAnalyzer

Dumps information about all the callback objects found in a dump file and the functions registered for them

Language: C++ - Size: 4.16 MB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 32 - Forks: 8

yardenshafir/DpcWait

Driver demonstrating how to register a DPC to asynchronously wait on an object

Language: C++ - Size: 14.6 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 40 - Forks: 24

yardenshafir/vcpkg Fork of microsoft/vcpkg

C++ Library Manager for Windows, Linux, and MacOS

Size: 64.1 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0

yardenshafir/HackSysExtremeVulnerableDriver Fork of hacksysteam/HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Windows Driver

Size: 1.47 MB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 1 - Forks: 0

yardenshafir/winsdk-10 Fork of tpn/winsdk-10

Size: 55.4 MB - Last synced: about 1 year ago - Pushed: about 6 years ago - Stars: 0 - Forks: 0

yardenshafir/s1dbg

windbg extension that does stuff

Language: C++ - Size: 21.5 KB - Last synced: about 1 year ago - Pushed: over 5 years ago - Stars: 5 - Forks: 4

yardenshafir/rewolf-wow64ext Fork of rwfpl/rewolf-wow64ext

Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.

Language: C++ - Size: 339 KB - Last synced: about 1 year ago - Pushed: over 6 years ago - Stars: 7 - Forks: 1

yardenshafir/BlogHyperV Fork of JaanusKaapPublic/BlogHyperV

Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/

Size: 29.3 KB - Last synced: about 1 year ago - Pushed: almost 4 years ago - Stars: 0 - Forks: 1

yardenshafir/ntdiff Fork of ntdiff/ntdiff

Size: 499 KB - Last synced: about 1 year ago - Pushed: about 4 years ago - Stars: 0 - Forks: 1

yardenshafir/ObjectListView Fork of 0xFEEDC0DE64/ObjectListView

A mirror of the ObjectListView library

Size: 431 KB - Last synced: about 1 year ago - Pushed: over 7 years ago - Stars: 0 - Forks: 0