• Stars
    star
    3
  • Rank 3,963,521 (Top 79 %)
  • Language
    Assembly
  • Created almost 7 years ago
  • Updated over 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A spin off of Command Prompt Add-ons. This includes examples of how to check privilege status.

More Repositories

1

CallMon

CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
C
128
star
2

DynamicKernelShellcode

An example of how x64 kernel shellcode can dynamically find and use APIs
Assembly
103
star
3

ALPC-Example

An example of a client and server using Windows' ALPC functions to send and receive data.
C
88
star
4

CVE-Stockpile

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
C
47
star
5

CVE-2018-16712

PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
C
25
star
6

WarbirdExamples

An example of how to use Microsoft Windows Warbird technology
C
24
star
7

WhoCalls_C

WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit (PE) and 64-bit (PE32+) file formats (.exe, .dll, .sys)
C
17
star
8

KLoad_C

A simple command line utility to quickly load and unload Windows drivers
C
16
star
9

WinPools

WinPools is an example of how Windows kernel big pool addresses can be leaking using NtQuerySystemInformation
C
14
star
10

WHPHook

Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection at the hypervisor level
C++
13
star
11

CVE-2018-15499

PoC code for CVE-2018-15499 (exploit race condition for BSoD)
C
11
star
12

DbgKeystone

A keystone engine powered Windows Debugger extension
C
10
star
13

Windows-Syscalls-Examples

Examples of how to use Syscalls in various Windows versions and architectures.
Assembly
10
star
14

IOCTL-Flooder

IOCTL-Flooder is a verbose tool designed to help with Windows driver fuzzing by brute forcing IOCTLs on loaded drivers. GetLastError is used to guess validity
C
10
star
15

KLoad

A simple command line utility to quickly load and unload Windows drivers
Rust
9
star
16

FakeDriverPoC

This is a PoC driver which creates a fake driver and device object with the intent on allowing a user mode program to communicate with a "fake" driver and device.
C
7
star
17

CVE-2018-16713

PoC code for CVE-2018-16713 (exploit by rdmsr)
C
6
star
18

CVE-2018-18714

PoC Code for CVE-2018-18714 (exploit by stack overflow)
C
6
star
19

CVE-2018-18026

PoC Code for CVE-2018-18026 (exploit by stack overflow)
C
6
star
20

soplock

The Simple Opportunistic Lock tool
C
5
star
21

CVE-2018-16711

PoC code for CVE-2018-16711 (exploit by wrmsr)
C
5
star
22

SHA-ME

A pure WinAPI program that demonstrates translating a file into a SHA-256 hash. Designed to be used as a utility.
C
4
star
23

Code-Rewrites

Programs and scripts I've ported to other languages, mostly for fun.
Pascal
4
star
24

Spoof-Task-Manager

An example showing how a mutex can stop taskmgr.exe from loading
Assembly
4
star
25

wat

The Linux coreutils spin off of cat, but for Windows.
Assembly
4
star
26

The-Good-Bad-Code

Pushing the limits of bad programming practices. Abusing APIs. Destroying utility programs.
Assembly
4
star
27

SystemsWork

A repo containing examples relating to various aspects of Windows internals and processor features
C
3
star
28

HyperCalc

An Intel HAXM powered, protected mode, 32 bit, hypervisor addition calculator, written in Rust.
Rust
3
star
29

Driver-Easy-Research

Python scripts for manipulating Driver Easy's servers
Python
3
star
30

bswap

A Windbg extension for swapping byte endianness.
C
2
star
31

Musical-Processes

Turn a process' memory into music (32-bit only)
Pascal
2
star
32

WhoCalls

A program which can query a directory of files, find the binaries, and search for a specified Win API import.
Rust
1
star
33

downwithup.github.io

Personal website
HTML
1
star