Pinned Repositories
angryorchard
A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
blacklotus
An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
bootdoor
An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
doublepulsar
An unfinished DOUBLEPULSAR clone. Set to be redone at a later date
foliage
A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position-independent code
grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls
krbdump
A way to extract tickets in case I need to purge and restore tickets on the fly.
krbtgs
Old post-ex for grabbing a krbtgs for my current user
titanldr-ng
A newer iteration of TitanLdr with some newer hooks and design. A generic user-defined reflective DLL I built to prove a point to Mudge years ago.
realoriginal's Repositories
realoriginal/bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
realoriginal/titanldr-ng
A newer iteration of TitanLdr with some newer hooks and design. A generic user-defined reflective DLL I built to prove a point to Mudge years ago.
realoriginal/angryorchard
A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
realoriginal/grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedure Calls
realoriginal/blacklotus
An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
realoriginal/bootdoor
An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
realoriginal/foliage
A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position-independent code
realoriginal/krbtgs
Old post-ex for grabbing a krbtgs for my current user
realoriginal/krbdump
A way to extract tickets in case I need to purge and restore tickets on the fly.
realoriginal/preboot
Experiment with d_olex's firmware, conducting a "preboot" attack
realoriginal/doublepulsar
An unfinished DOUBLEPULSAR clone. Set to be redone at a later date
realoriginal/doublepulsar-rdp
Another unfinished DOUBLEPULSAR RDP variant from years ago. Demonstrates hooking McsDispatch; I never wrote the hook itself.
realoriginal/krblist
Old post-ex for listing Kerberos tickets. A terribly written clone of `klist`.
realoriginal/jumpingjackal
Demonstrating the introduction of unsigned code into kernel space through usermode in the presence of Hypervisor-protected Code Integrity and Virtualization-Based Security (HVCI/VBS)