Pinned Repositories
cet-research
A collection of tools, source code, and papers researching Windows' implementation of CET.
CVE-2020-1034
PoC demonstrating the use of CVE-2020-1034 for privilege escalation
DpcWait
Driver demonstrating how to register a DPC to asynchronously wait on an object
InformationClasses
Documenting system information classes and their uses
IoRingReadWritePrimitive
Post-exploitation technique to turn an arbitrary kernel write / increment into a full read/write primitive on Windows 11 22H2
KernelDataStructureFinder
Driver and WinDbg scripts to dump information about all resources and lookaside lists
MitigationFlagsCliTool
Command line tool to print mitigation flags for running processes in a memory dump
PoolViewer
An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
SymlinkCallback
A driver that hooks the C: volume using a symbolic link callback to track all FS access to the volume
WinDbg_Scripts
Useful scripts for WinDbg using the debugger data model
yardenshafir's Repositories
yardenshafir/WinDbg_Scripts
Useful scripts for WinDbg using the debugger data model
yardenshafir/IoRingReadWritePrimitive
Post-exploitation technique to turn an arbitrary kernel write / increment into a full read/write primitive on Windows 11 22H2
yardenshafir/PoolViewer
An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
yardenshafir/CVE-2020-1034
PoC demonstrating the use of CVE-2020-1034 for privilege escalation
yardenshafir/SymlinkCallback
A driver that hooks the C: volume using a symbolic link callback to track all FS access to the volume
yardenshafir/cet-research
A collection of tools, source code, and papers researching Windows' implementation of CET.
yardenshafir/KernelDataStructureFinder
Driver and WinDbg scripts to dump information about all resources and lookaside lists
yardenshafir/InformationClasses
Documenting system information classes and their uses
yardenshafir/DpcWait
Driver demonstrating how to register a DPC to asynchronously wait on an object
yardenshafir/MitigationFlagsCliTool
Command line tool to print mitigation flags for running processes in a memory dump
yardenshafir/IoRing_Demos
A repository for I/O ring demos, use cases and performance testing on Windows
yardenshafir/conference_talks
Slides from various conference talks
yardenshafir/CallbackObjectAnalyzer
Dumps information about all the callback objects found in a dump file and the functions registered for them
yardenshafir/rewolf-wow64ext
Helper library for x86 programs that run under the WOW64 layer on x64 versions of Microsoft Windows operating systems.
yardenshafir/s1dbg
WinDbg extension that does stuff
yardenshafir/LOLDrivers
Living Off The Land Drivers
yardenshafir/HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Windows Driver
yardenshafir/WinObjEx64
Windows Object Explorer 64-bit
yardenshafir/BlogHyperV
Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/
yardenshafir/ntdiff
yardenshafir/ObjectListView
A mirror of the ObjectListView library
yardenshafir/vcpkg
C++ Library Manager for Windows, Linux, and MacOS
yardenshafir/winsdk-10