9
Repos
1.5k
Stars
310
Forks
1.5k
Watchers
Repositories (9)
anycall
kkent030315/anycall
C++
x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
393
71
evil-mhyprot-cli
kkent030315/evil-mhyprot-cli
C++
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
353
69
anymapper
kkent030315/anymapper
C++
x64 Windows kernel driver mapper, inject unsigned driver using anycall
208
38
NoPatchGuardCallback
kkent030315/NoPatchGuardCallback
C
x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
208
36
MsIoExploit
kkent030315/MsIoExploit
C++
Exploit MsIo vulnerable driver
132
37
NtSymbol
kkent030315/NtSymbol
C++
Resolve DOS MZ executable symbols at runtime
96
24
anyvtop
kkent030315/anyvtop
C++
x64 Windows implementation of virtual-address to physical-address translation
40
12
ProcessVmAccess
kkent030315/ProcessVmAccess
C
Two PoC of accessing process virtual memory via NT Kernel
22
11
anyelevate
kkent030315/anyelevate
C++
x64 Windows privilege elevation using anycall
19
12