Stars
Translate virtual addresses to physical addresses from usermode.
Complete list of LPE exploits for Windows (starting from 2023)
Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected
Very easy to use pdb parsing library with only one header file. You can use it even if you are a fool.
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
Convert Microsoft's driver blocklist to an EDR detection hash list for unsupported operating systems (e.g. Win 7, 8)
Ox6d7266 / ox6d7266.github.io
Forked from barryclark/jekyll-now. Build a Jekyll blog in minutes, without touching the command line.
IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
This repo holds entries for vulnerable drivers I decided to reverse engineer on my own; these are usually based on logical vulnerabilities that were caused by bad driver writing skills.
Janus is a pre-build event that performs string obfuscation during compile time. This project is based off the CIA's Marble Framework
Driver manual mapper powered by https://github.com/estimated1337/lenovo_exec
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.