-
Stars47
-
Rank 601,061 (Top 12 %)
-
LanguageC
-
Created almost 6 years ago
-
Updated about 4 years ago
Reviews
There are no reviews yet. Be the first to send feedback to the community and the maintainers!
Repository Details
Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
More Repositories
1
CallMon
CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlersC
128
2
DynamicKernelShellcode
An example of how x64 kernel shellcode can dynamically find and use APIsAssembly
103
3
ALPC-Example
An example of a client and server using Windows' ALPC functions to send and receive data.C
88
4
CVE-2018-16712
PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)C
25
5
WarbirdExamples
An example of how to use Microsoft Windows Warbird technologyC
24
6
WhoCalls_C
WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit (PE) and 64-bit (PE32+) file formats (.exe, .dll, .sys)C
17
7
KLoad_C
A simple command line utility to quickly load and unload Windows driversC
16
8
WinPools
WinPools is an example of how Windows kernel big pool addresses can be leaking using NtQuerySystemInformationC
14
9
WHPHook
Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection at the hypervisor levelC++
13
10
CVE-2018-15499
PoC code for CVE-2018-15499 (exploit race condition for BSoD)C
11
11
Windows-Syscalls-Examples
Examples of how to use Syscalls in various Windows versions and architectures.Assembly
10
12
DbgKeystone
A keystone engine powered Windows Debugger extensionC
10
13
IOCTL-Flooder
IOCTL-Flooder is a verbose tool designed to help with Windows driver fuzzing by brute forcing IOCTLs on loaded drivers. GetLastError is used to guess validityC
10
14
KLoad
A simple command line utility to quickly load and unload Windows driversRust
9
15
FakeDriverPoC
This is a PoC driver which creates a fake driver and device object with the intent on allowing a user mode program to communicate with a "fake" driver and device.C
7
16
CVE-2018-16713
PoC code for CVE-2018-16713 (exploit by rdmsr)C
6
17
CVE-2018-18714
PoC Code for CVE-2018-18714 (exploit by stack overflow)C
6
18
CVE-2018-18026
PoC Code for CVE-2018-18026 (exploit by stack overflow)C
6
19
soplock
The Simple Opportunistic Lock toolC
5
20
CVE-2018-16711
PoC code for CVE-2018-16711 (exploit by wrmsr)C
5
21
The-Good-Bad-Code
Pushing the limits of bad programming practices. Abusing APIs. Destroying utility programs.Assembly
4
22
SHA-ME
A pure WinAPI program that demonstrates translating a file into a SHA-256 hash. Designed to be used as a utility.C
4
23
Code-Rewrites
Programs and scripts I've ported to other languages, mostly for fun.
Pascal
4
24
Spoof-Task-Manager
An example showing how a mutex can stop taskmgr.exe from loadingAssembly
4
25
wat
The Linux coreutils spin off of cat, but for Windows.Assembly
4
26
SystemsWork
A repo containing examples relating to various aspects of Windows internals and processor featuresC
3
27
HyperCalc
An Intel HAXM powered, protected mode, 32 bit, hypervisor addition calculator, written in Rust.Rust
3
28
Check-Administrator-Status
A spin off of Command Prompt Add-ons. This includes examples of how to check privilege status.Assembly
3
29
Driver-Easy-Research
Python scripts for manipulating Driver Easy's serversPython
3
30
bswap
A Windbg extension for swapping byte endianness.C
2
31
Musical-Processes
Turn a process' memory into music (32-bit only)
Pascal
2
32
WhoCalls
A program which can query a directory of files, find the binaries, and search for a specified Win API import.Rust
1
33
downwithup.github.io
Personal websiteHTML
1