Pinned Repositories
BOF-ForeignLsass
CVE-2022-3699
Lenovo Diagnostics Driver EoP - Arbitrary R/W
CVE-2022-45451
PoC for Acronis Arbitrary File Read - CVE-2022-45451
drivers_and_shit
ExternalC2Go
HPHardwareDiagnostics-PoC
PoC exploit for HP Hardware Diagnostic's EtdSupp driver
LogMeInPoCHandleDup
MCP-PoC
Minifilter Callback Patching Proof-of-Concept
StinkyLoader
It stinks
UserVAtoPhysical
Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
alfarom256's Repositories
alfarom256/CVE-2022-3699
Lenovo Diagnostics Driver EoP - Arbitrary R/W
alfarom256/LogMeInPoCHandleDup
alfarom256/MCP-PoC
Minifilter Callback Patching Proof-of-Concept
alfarom256/drivers_and_shit
alfarom256/HPHardwareDiagnostics-PoC
PoC exploit for HP Hardware Diagnostic's EtdSupp driver
alfarom256/CVE-2022-45451
PoC for Acronis Arbitrary File Read - CVE-2022-45451
alfarom256/MinifilterResearch
alfarom256/smokescreen
get it, because it's a pipe filter?
alfarom256/Vulnerability-REsearch
Binarly Vulnerability Research Advisories
alfarom256/alfarom256.github.io
alfarom256/CallMeWin32kDriver
Load your driver like win32k.sys
alfarom256/efiXplorer
IDA plugin for UEFI firmware analysis and reverse engineering automation
alfarom256/angryorchard
A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
alfarom256/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
alfarom256/bootkit-rs
Rusty Bootkit - UEFI Bootkit in Rust
alfarom256/bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
alfarom256/golfclub
Binary Golf Examples and Resources
alfarom256/HyperDeceit
HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate operating system tasks with ease.
alfarom256/Network-Covert-Channels-A-University-level-Course
A free online class on network information hiding/steganography/covert channels that I teach at the FernUniversität in Hagen, Germany, and HS Worms, Germany.
alfarom256/peafl64
Static Binary Instrumentation tool for Windows x64 executables
alfarom256/PINKPANTHER
Windows x64 handcrafted token stealing kernel-mode shellcode
alfarom256/psyscalls-rs
Rusty Parallel Syscalls library
alfarom256/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
alfarom256/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
alfarom256/SimpleNTSyscallFuzzer
alfarom256/VMProtect-Source
Source of VMProtect (NOT OFFICIALLY)
alfarom256/alfarom256
alfarom256/PPLFault
alfarom256/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
alfarom256/SilentMoonwalk
PoC Implementation of a TRUE call stack spoofer (fork)