Lists (5)
Stars
IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and contextualized address space cloning
This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumping using Bytes.
usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to p…
Nidhogg is an all-in-one simple to use windows kernel rootkit.
A headless MCP server for IDA Pro. It lets AI agents open and analyze multiple IDA databases on demand, without launching the IDA manully.
Windows User-Mode Shellcode Development Framework (WUMSDF)
A curated list of awesome resources related to executable packing
x64 Windows kernel driver mapper, inject unsigned driver using anycall
x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
💻 C++ Functional Terminal User Interface. ❤️
A minimal, single-header arena-based thread-safe memory allocator for C.
A tiny, single-header C dynamic array (vector) library with customizable allocators.
A headless, extendable, multi-session, IDA Pro MCP framework.
Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling without admin permissions or kernel drivers.
A library to develop kernel level Windows payloads for post HVCI era
A Windows PE loader / manual mapper for executables (x86 and x64) with full TLS (Thread Local Storage) support.
An even funnier way to disable windows defender. (through WSC api)
Useful scripts for WinDbg using the debugger data model