9
Repos
1.5k
Stars
311
Forks
1.5k
Watchers
Repositories (9)
anycall
kkent030315/anycall
C++
x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
394
71
evil-mhyprot-cli
kkent030315/evil-mhyprot-cli
C++
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
354
69
NoPatchGuardCallback
kkent030315/NoPatchGuardCallback
C
x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
208
36
anymapper
kkent030315/anymapper
C++
x64 Windows kernel driver mapper, inject unsigned driver using anycall
207
38
MsIoExploit
kkent030315/MsIoExploit
C++
Exploit MsIo vulnerable driver
134
37
NtSymbol
kkent030315/NtSymbol
C++
Resolve DOS MZ executable symbols at runtime
96
24
anyvtop
kkent030315/anyvtop
C++
x64 Windows implementation of virtual-address to physical-address translation
50
13
ProcessVmAccess
kkent030315/ProcessVmAccess
C
Two PoC of accessing process virtual memory via NT Kernel
22
11
anyelevate
kkent030315/anyelevate
C++
x64 Windows privilege elevation using anycall
19
12