Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

Topic: "windows-kernel-exploitation"

0dayResearchLab/msFuzz

msFuzz is a coverage-guided fuzzer for Windows kernel drivers using Intel PT. It is constraint- and dependency-aware for efficient path exploration.

Language: Makefile - Size: 5.35 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 169 - Forks: 26

jordan9001/dobby2

Build your emulation environment as needed

Language: Python - Size: 495 KB - Last synced at: 7 months ago - Pushed at: about 4 years ago - Stars: 64 - Forks: 10

APT64/RePulsar

SMB-backdoor implementation

Language: C - Size: 66.4 KB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 46 - Forks: 9

loneicewolf/smbdoor Fork of ExpLife0011/smbdoor

improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys

Language: C - Size: 6.92 MB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 46 - Forks: 5

otavioarj/SIOCTLBF

Super IOCTL Basic Fuzzer

Language: C - Size: 86.9 KB - Last synced at: over 1 year ago - Pushed at: over 5 years ago - Stars: 11 - Forks: 5

0xflux/Ferric-Fox

A windows 11 rootkit in Rust

Language: Rust - Size: 24.4 KB - Last synced at: 2 months ago - Pushed at: 3 months ago - Stars: 7 - Forks: 1

Exploitables/ExFreePool-Vulnerability

My research into taking advantage of ExFreePool primitives.

Language: C - Size: 537 KB - Last synced at: over 2 years ago - Pushed at: almost 3 years ago - Stars: 6 - Forks: 2

IgorKorkin/testbed

This project demonstrates the privilege escalation for a user-mode process - cmd.exe using stack overflow in the kernel mode driver. The user-mode component 'testbed_console.exe' sends CTL_CODE with a payload to the vulnerable driver 'testbed_driver.sys', which call RtlCopyMemory without any checks. 'testbed_console.exe' includes 'testbed_driver.sys' has a resource.

Language: C++ - Size: 62.5 KB - Last synced at: over 2 years ago - Pushed at: over 7 years ago - Stars: 4 - Forks: 4

0xbekoo/SSDT-Hooking

The project uses SSDT Hooking to bypass security checks during driver loading by hooking NtLoadDriver and modifying the PreviousMode flag.

Language: C - Size: 74.2 KB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 3 - Forks: 0

Related Topics
windows-kernel 5 kernel 4 srvnet 2 smb-handler 2 smb 2 rootkit 2 doublepulsar 2 research 2 windows 2 fuzzer 2 edr 1 edr-evasion 1 symbolic-execution 1 emulator 1 rootkit-kernel 1 deobfuscation 1 exfreepool 1 rootkit-windows 1 rust-rootkit 1 security-research 1 windows-rootkit 1 windows-rootkits 1 ssdt 1 ssdt-hook 1 ssdt-hooking 1 fuzz-testing 1 fuzzing 1 security 1 security-vulnerability 1 exfreepoolwithtag 1 exploit 1 exploit-techniques 1 exploit-write-up 1 pool-research 1 windows-pool 1 write-up 1 back-door 1 extrapulsar 1 improvement 1 smbdoor 1 undocumented 1 backdoor 1 implant 1 smb-backdoor 1 smb-client 1 stack-overflow 1 ioctl 1 concolic-execution 1