Stars
LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc…
The research UEFI hypervisor that supports booting an operating system.
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
My implementation of enSilo's Process Doppelganging (PE injection technique)
Simple but extensive library for DMA users, made for gamehacking
Driver that uses network sockets to communicate with a client and read/write protected process memory.
The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
A project for allowing EDK-II Development with Visual Studio
KSOCKET provides a very basic example of how to make network connections in a Windows driver by using WSK
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
The last Pcileech DMA CFW guide you will ever need. Sponsored by DMAPolice.com
Extract Windows Defender database from vdm files and unpack it
Efi Driver Access is a simple project to load a driver during system boot, with the idea of giving the user kernel access to read/write memory without restrictions
Exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House
Fast Conversion Windows Dynamic Link Library To ShellCode
GeoSn0w's OpenJailbreak Project, an open-source iOS 11 to iOS 13 Jailbreak project & vault.
C library for manipulating MachO/FAT files and their code signatures