Topic: "windows-kernel-exploitation"
0dayResearchLab/msFuzz
msFuzz is a coverage-guided fuzzer for Windows kernel drivers using Intel PT. It is constraint- and dependency-aware for efficient path exploration.
Language: Makefile - Size: 5.35 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 169 - Forks: 26

jordan9001/dobby2
Build your emulation environment as needed
Language: Python - Size: 495 KB - Last synced at: 7 months ago - Pushed at: about 4 years ago - Stars: 64 - Forks: 10

APT64/RePulsar
SMB-backdoor implementation
Language: C - Size: 66.4 KB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 46 - Forks: 9

loneicewolf/smbdoor Fork of ExpLife0011/smbdoor
improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
Language: C - Size: 6.92 MB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 46 - Forks: 5

otavioarj/SIOCTLBF
Super IOCTL Basic Fuzzer
Language: C - Size: 86.9 KB - Last synced at: over 1 year ago - Pushed at: over 5 years ago - Stars: 11 - Forks: 5

0xflux/Ferric-Fox
A Windows 11 rootkit in Rust
Language: Rust - Size: 24.4 KB - Last synced at: 2 months ago - Pushed at: 3 months ago - Stars: 7 - Forks: 1

Exploitables/ExFreePool-Vulnerability
My research into taking advantage of ExFreePool primitives.
Language: C - Size: 537 KB - Last synced at: over 2 years ago - Pushed at: almost 3 years ago - Stars: 6 - Forks: 2

IgorKorkin/testbed
This project demonstrates privilege escalation for a user-mode process (cmd.exe) using a stack overflow in the kernel-mode driver. The user-mode component 'testbed_console.exe' sends a CTL_CODE with a payload to the vulnerable driver 'testbed_driver.sys', which calls RtlCopyMemory without any checks. 'testbed_console.exe' includes 'testbed_driver.sys' as a resource.
Language: C++ - Size: 62.5 KB - Last synced at: over 2 years ago - Pushed at: over 7 years ago - Stars: 4 - Forks: 4

0xbekoo/SSDT-Hooking
The project uses SSDT Hooking to bypass security checks during driver loading by hooking NtLoadDriver and modifying the PreviousMode flag.
Language: C - Size: 74.2 KB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 3 - Forks: 0
