- Indonesia
Stars (GetRektBoy724)
Compileable POC of namazso's x64 return address spoofer.
Admin to Kernel code execution using the KSecDD driver
HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate operating system tasks with ease.
The BEST DLL Injector Library.
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
A collection of tools, source code, and papers researching Windows' implementation of CET.
Patching "signtool.exe" to accept expired certificates for code-signing.
XNTSV program for detailed viewing of system structures for Windows.
Lightweight and with minimal dependencies implementation of snprintf() C function.
A free but powerful Windows kernel research tool.
A PoC implementation for dynamically masking call stacks with timers.
metame is a metamorphic code engine for arbitrary executables
Create a new thread that will suspend every thread and encrypt its stack, then go to sleep, then decrypt the stacks and resume the threads
Windows x64 handcrafted token stealing kernel-mode shellcode
SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support d…
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.
Demonstrate calling a kernel function and handle process creation callback against HVCI
Hacker Disassembler Engine 64. Copyright (c) 2008-2009, Vyacheslav Patkov. All rights reserved.
Virtual and physical memory hacking library using gigabyte vulnerable driver
x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
Hook KeyboardClassServiceCallback to prevent messing up the system
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
Hook system calls, context switches, page faults and more.
Bypassing PatchGuard on modern x64 systems