Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

(unofficial) Hyper-V® Development Kit

Use a TPM to store a TOTP token in order to attest boot state to another device

UEFI DXE driver to take screenshots from GOP-compatible graphic consoles

An example driver for Windows that shows how to set-up some basic components of the Windows Filtering Platform

PageBuster - dump all executable pages of packed processes.

privilege separation engine for OpenSSL / LibreSSL

Previously-0day exploit from the Hacking Team leak, written by Eugene Ching/Qavar.

Detect if your container is running under a hypervisor

Linux local root exploit for CVE-2014-0038

FUSE for the Windows kernel

Packet capture on Windows without a kernel driver

Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider

Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)

a bare metal (type 1) VMM (hypervisor) with a python remote control API

The code to the SGX-ROP paper

A FUSE-based fault injection filesystem.

An attempt at Process Doppelgänging

Self-contained C/C++ profiler library for Linux

Automatically exported from code.google.com/p/ioctlfuzzer

TLB splitting VMM

PoC for breaking hypervisor ASLR using branch target buffer collisions

Expand compressed files from WinSxS folder

bpflock - eBPF driven security for locking and auditing Linux machines

Kernel Test Framework

Kernel Detective

The runtime DXE driver monitoring access to the UEFI variables by hooking the runtime service table.