Leo Hypervisor. ARM64 Hypervisor on Raspberry Pi 4 machine.

Linux Kernel Rookit Hooking Mechanism

Rust utility to extract UEFI IFR data into human-readable text

Binaries, drivers, PoCs and other stuff on Hydroph0bia vulnerability (CVE-2025-4275)

👓A collection of papers/tools/exploits for UEFI security.

Binarly Vulnerability Research Advisories

Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners

OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"

This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.

Internals information about Hyper-V

Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks

Demo proof of concept for shadow regions, and implementation of HyperDeceit.

get it, because it's a pipe filter?

baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability

SoftICE-like kernel debugger for Windows 11

A free online class on network information hiding/steganography/covert channels.

Static Binary Instrumentation tool for Windows x64 executables

Lenovo Diagnostics Driver EoP - Arbitrary R/W

Minifilter Callback Patching Proof-of-Concept

Bootkit for Windows Sandbox to disable DSE/PatchGuard.

Exploit that can be used on the Sar machine in Offsec Play

Elf binary infector written in Go.