GitHub topics: kernel-exploit
vnescape/NT_el3vate
A Windows utility to elevate any process to nt authority\system using physical memory.
Language: C++ - Size: 233 KB - Last synced at: about 5 hours ago - Pushed at: about 7 hours ago - Stars: 2 - Forks: 1
kkent030315/anycall
x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
Language: C++ - Size: 873 KB - Last synced at: 1 day ago - Pushed at: about 3 years ago - Stars: 355 - Forks: 68
kkent030315/anymapper
x64 Windows kernel driver mapper, inject unsigned driver using anycall
Language: C++ - Size: 115 KB - Last synced at: 1 day ago - Pushed at: over 1 year ago - Stars: 169 - Forks: 38
kkent030315/evil-mhyprot-cli
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
Language: C++ - Size: 10.3 MB - Last synced at: 1 day ago - Pushed at: about 4 years ago - Stars: 340 - Forks: 69
kkent030315/MsIoExploit
Exploit MsIo vulnerable driver
Language: C++ - Size: 620 KB - Last synced at: 1 day ago - Pushed at: about 4 years ago - Stars: 113 - Forks: 35
JGoyd/glass-cage-ios18-cve-2025-24085-cve-2025-24201
Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, exploiting WebKit (CVE-2025-24201) and Core Media (CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction.
Size: 1.14 MB - Last synced at: 22 days ago - Pushed at: 23 days ago - Stars: 0 - Forks: 1
kkent030315/libinject
A dll injector static library for Win x64 processes with handle elevation supported
Language: C++ - Size: 1.07 MB - Last synced at: 1 day ago - Pushed at: over 4 years ago - Stars: 13 - Forks: 6
rootkitenthusiast/pdfwkrnl-exploit
abusing signed pdfwkrnl.sys for kernel function calling from usermode.
Language: C - Size: 5.27 MB - Last synced at: 17 days ago - Pushed at: 29 days ago - Stars: 20 - Forks: 6
RKX1209/kernel_exploit_world
Tutorial for writing kernel exploits
Language: C - Size: 49.8 KB - Last synced at: 26 days ago - Pushed at: about 1 month ago - Stars: 255 - Forks: 41
Arunachalam26/Hells-Hollow
Discover Hell's Hollow, a Windows 11 rootkit technique for SSDT Hooking. Bypass defenses using undocumented Alternate Syscall handlers. 🐙🚀
Size: 1.95 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0
0xflux/Hells-Hollow
Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
Language: Rust - Size: 99.6 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 62 - Forks: 8
Lazenca/Kernel-exploit-tech
Linux Kernel exploitation Tutorial.
Language: C - Size: 3.46 MB - Last synced at: about 2 months ago - Pushed at: about 5 years ago - Stars: 271 - Forks: 36
bcoles/kasld
Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing Kernel Address Space Layout Randomization (KASLR).
Language: C - Size: 648 KB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 437 - Forks: 49
n3rada/DirtyPipe
Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites.
Language: C - Size: 348 KB - Last synced at: 2 months ago - Pushed at: almost 2 years ago - Stars: 10 - Forks: 1
A2nkF/macOS-Kernel-Exploit
macOS Kernel Exploit for CVE-2019-8781.
Language: C - Size: 26.4 KB - Last synced at: 6 months ago - Pushed at: almost 6 years ago - Stars: 290 - Forks: 43
hardenedlinux/linux-exploit-development-tutorial
a series tutorial for linux exploit development to newbie.
Language: C - Size: 63.8 MB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 555 - Forks: 171
TuxSH/universal-otherapp
Userland -> Kernel11 -> Arm9 otherapp for 3DS system versions 1.0 to <= 11.15
Language: C - Size: 79.1 KB - Last synced at: 5 months ago - Pushed at: over 2 years ago - Stars: 139 - Forks: 13
ngn13/kernel-101
Kernel hacklemenin temellerini öğrenin (🇹🇷 Türkçe bir kaynak)
Language: C - Size: 12.2 MB - Last synced at: 2 months ago - Pushed at: 9 months ago - Stars: 8 - Forks: 2
passion1337/byovd-exploit
Vulnerable Driver Exploit
Language: C++ - Size: 65.4 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0
A2nkF/unauthd
A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854
Language: Objective-C - Size: 1.79 MB - Last synced at: over 1 year ago - Pushed at: almost 5 years ago - Stars: 83 - Forks: 12
c3r34lk1ll3r/CVE-2017-5123
PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR
Language: C - Size: 98.6 KB - Last synced at: over 1 year ago - Pushed at: about 5 years ago - Stars: 29 - Forks: 4
BullyWiiPlaza/tcpgecko Fork of wj444/tcpgecko
The Nintendo Wii U TCP Gecko Installer engine homebrew application for game modding and research
Language: C - Size: 1.4 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 31 - Forks: 20
pmihsan/Linux-Privilege-Escalation-Tools
Collection of Linux PrivEsc Tools
Language: Shell - Size: 106 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0
nuts7/kernsec
Kernsec is a program to print kernel protections, useful informations of kernel exploitation/pwn in Kernel Land
Language: Shell - Size: 172 KB - Last synced at: over 2 years ago - Pushed at: almost 4 years ago - Stars: 10 - Forks: 2
c3r34lk1ll3r/CVE-2017-11176
Code execution for CVE-2017-11176
Language: C - Size: 30.3 KB - Last synced at: 6 months ago - Pushed at: over 5 years ago - Stars: 1 - Forks: 2