hfiref0x/CVE-2015-1701

This repository has been archived on 07/Feb/2019
Stars
284
Rank 145,616 (Top 3 %)
Language
C
License
BSD 2-Clause "Sim...
Created over 9 years ago
Updated almost 7 years ago

hfiref0x

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Win32k LPE vulnerability used in APT attack

CVE-2015-1701

Win32k Elevation of Privilege Vulnerability.

Original info https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

Protection

Apply MS15-051 for fix. https://technet.microsoft.com/library/security/MS15-051

Authors

Credits

R136a1

UACME

Defeating Windows User Account Control

5,920

KDU

Kernel Driver Utility

1,785

WinObjEx64

Windows Object Explorer 64-bit

1,633

SyscallTables

Windows NT x64 Syscall tables

1,039

TDL

Driver loader for bypassing Windows x64 Driver Signature Enforcement

1,001

VBoxHardenedLoader

VirtualBox VM detection mitigation loader

904

UPGDSED

Universal PatchGuard and Driver Signature Enforcement Disable

802

DSEFix

Windows x64 Driver Signature Enforcement Overrider

674

NtCall64

Windows NT x64 syscall fuzzer

533

WDExtract

Extract Windows Defender database from vdm files and unpack it

391

WubbabooMark

Debugger Anti-Detection Benchmark

270

LightFTP

Small x86-32/x64 FTP Server

232

VMDE

Source from VMDE paper, adapted to 2015

171

ZeroAccess

ZeroAccess v3 toolkit

158

SXSEXP

Expand compressed files from WinSxS folder

133

Stryker

Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303

107

AuthHashCalc

Authenticode Hash Calculator for PE32/PE32+ files

MpEnum

Enumerate Windows Defender threat families and dump their names according category

Misc

Miscellaneous Code and Docs

ROCALL

ReactOS x86-32 syscall fuzzer

BSODScreen

BSOD Screensaver

AsIo3Unlock

ASUSTeK AsIO3 I/O driver unlock

Vault

Various code from the past (for historical purposes)

Pascal

LightFTP_win

hfiref0x.github.io

HTML

AR4FFC

Archive repository for fast fact-checks