Block or Report
Block or report zer0condition
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abuse-
ZeroHVCI Public
Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling without admin permissions or kernel drivers.
-
NVDrv Public
Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.
-
mhydeath Public
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
-
-
ReverseKit Public
x64 Dynamic Reverse Engineering Toolkit
-
Reversing-a-signed-driver Public
Reverse Engineering a signed kernel driver packed and virtualized with VMProtect 3.6
-
Demystifying-PatchGuard Public
Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unauthorized modifications to the Windows kernel. The analysis is…
-
ZeroThreadKernel Public
Recursive and arbitrary code execution at kernel-level without a system thread creation
-
IDTHook-x86 Public
Detour hooking IRQ1 ISR through IDT (Interrupt Descriptor Table)
-
-
GDRVLib Public
Virtual and physical memory hacking library using gigabyte vulnerable driver
-
CritBSOD Public
Abusing RtlAdjustPrivilege and NtSetInformationProcess to cause a BSOD from usermode
-
ia32-doc Public
Forked from ia32-doc/ia32-docIA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
-
WRK Public
Forked from zhuhuibeishadiao/ntoskrnlThe Windows Research Kernel (WRK)