L1B0's Stars
gentilkiwi/mimikatz
A little tool to play with Windows security
reactos/reactos
A free Windows-compatible Operating System
hacksysteam/HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
TheCruZ/kdmapper
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
hfiref0x/KDU
Kernel Driver Utility
erocarrera/pefile
pefile is a Python module to read and work with PE (Portable Executable) files
tandasat/HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
FULLSHADE/WindowsExploitationResources
Resources for Windows exploit development
corkami/pocs
Proof of Concepts (PE, PDF...)
struppigel/PortEx
Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
k0keoyo/kDriver-Fuzzer
FSecureLABS/win_driver_plugin
A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
eclypsium/Screwed-Drivers
"Screwed Drivers" centralized information source for code references, links, etc.
namazso/physmem_drivers
A collection of various vulnerable (mostly physical memory exposing) drivers.
tandasat/MemoryMon
Detecting execution of kernel memory where is not backed by any image file
connormcgarr/Kernel-Exploits
Kernel Exploits
Paolo-Maffei/OpenNT
OpenNT - Windows OS Compatible - Clone of SVN
IgorKorkin/MemoryRanger
MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. MemoryRanger has been presented at the BlackHat, HITB, CDFSL.
Barakat/CVE-2019-16098
Local privilege escalation PoC exploit for CVE-2019-16098
Signal-Labs/NtdllUnpatcher
Example code for EDR bypassing
cocaman/malware-bazaar
Python scripts for Malware Bazaar
tandasat/Sushi
a Japanese food keeps you sane
zer0mem/MiniHyperVisorProject
IntelVT-X nice feature -> tool
IgorKorkin/AllMemPro
AllMemPro
Chen-Junbao/SecureAggregation
personal implementation of secure aggregation protocol
rjt-gupta/CVE-2021-29337
CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center)
ulexec/elf_dynsym_obfuscation
PoC for obfuscating the dynamic symbol table injecting a custom Hash Table to do symbol resolution
tandasat/hyperplatform_log_parser
User-mode program parsing logs created by HyperPlatform
intezer/scripts
eurecom-s3/loaders-models