L1B0's Stars
TideSec/BypassAntiVirus
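A series of articles on antivirus evasion for remote-access tools, with accompanying tooling. It collects and tests dozens of evasion tools found on the internet, 113 whitelist-based evasion methods, 8 code-compilation evasion methods, and a number of practical evasion techniques, testing the evasion effectiveness of each one, as a reference for remote-access tool evasion and for countering antivirus software.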
matro7sh/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
FeeiCN/SecurityInterviewGuide
Interview guide for network and information security practitioners
ly4k/SpoolFool
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
pwn1sher/KillDefender
A small POC to make defender useless by removing its token privileges and lowering the token integrity
KaLendsi/CVE-2022-21882
win32k LPE
KaLendsi/CVE-2021-1732-Exploit
CVE-2021-1732 Exploit
guoJohnny/-837-
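Harbin Institute of Technology postgraduate entrance exam: Network and Cyberspace Security (837) preliminary exam resource library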
kernelm0de/ProcessHider
Hide Process From Task Manager using Usermode API Hooking
dbgsymbol/getsymbol
Simple tool to download debugging symbols from Microsoft, Google, Mozilla and Citrix symbol servers for reverse engineers compatible with Windows 8.1, 10 and 11
liangfei44/VmWareThrough
Karneades/awesome-malware-persistence
A curated list of awesome malware persistence tools and resources.
dosxuz/DefenderStop
Stop Defender Service using C# via Token Impersonation
yuawn/Fuzzing
Fuzzing tutorial with easy-to-learn labs 🚀
Octoberfest7/KDStab
BOF combination of KillDefender and Backstab
irsl/CVE-2020-1313
Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability
KuNgia09/bypass_vmp_vm_detect
bypass vmp virtual machine detect
Allevon412/PPL_Sandboxer
elastic/PPLGuard
wbenny/avmext
Anti-Anti-VM solution via Windows Driver
SecLabResearchBV/CVE-2022-34718-PoC
FuzzySecurity/IBM-RedCON-2020
IBM RedCON 2020 - Throwing an AquaWrench into the Kernel
aviadyifrah/anti-anti-vm-detection-dll
Anti-anti-VM DLL, used to hide VMware characteristics such as files, processes, services, and registry values
reversinghub/hide-and-seek
PoC for hiding processes from Windows Task Manager by manipulating the graphic interface
Rhydon1337/windows-kernel-file-protector
Protect a file from being deleted using windows kernel file system minifilter driver
sijms/PowerBuilder-decompile
Python module that parses PowerBuilder files (PBD) and analyzes code (Incomplete)
cssxn/CVE-2020-17136
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
wonderkun/flare-kscldr
TheHalcyonSavant/FileHide
Hiding files from WinXP FileSystem
Ken-Abruzzi/CVE-2020-1048
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.