windows-kernel-exploits Windows平台提权漏洞集合

A repository for learning various heap exploitation techniques.

This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.

UEFI firmware image viewer and editor

State-of-the-art native debugging tools

Vifm is a file manager with curses interface, which provides Vim-like environment for managing objects within file systems, extended with some useful ideas from mutt.

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.

The single instruction C compiler

WDF makes it easy to write high-quality Windows drivers

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

Windows Research Kernel Source Code

Quickly debug shellcode extracted during malware analysis

helps visualize heap operations for pwn and debugging

PoC exploits for CVE-2020-17382

Helper idapython code for reversing kmdf drivers

x64dbg plugin for running python3 script. Focus on doing malware analyst and unpacking

LPE exploit for CVE-2023-36802

Check libc heap attacks

Plugin for x64dbg to paste a file in memory...

Simple Windows Debugger

This is a simple debugger I created for debugging programs in Windows.