handle elevation using bedaisy. write up can be found here https://back.engineering/21/08/2020/
Updated 3 years ago
Paging Table Manipulation From Usermode
Updated 3 years ago
PSKP - Process-Context Specific Kernel Patches
Updated 3 years ago
Process-Context Specific Kernel Driver Mapper (PSKDM)
Updated 3 years ago
Vulnerable Driver Manipulation
Updated 3 years ago
Updated 3 years ago
inject a process into your context.
Updated 3 years ago
Reverse engineering of R6 Cheat.
Updated 3 years ago
Process Cloning
Updated 3 years ago
/proc/kmem reimplementation for windows
Updated 3 years ago
run code in an address space not associated with a process.
Updated 3 years ago
old probe from 6/xx/2020 to test theoretical page table concepts
Updated 3 years ago
inserts a PML4E where a prior PML4E is set to not present, pointing at the PDPT that contains the dll.
Updated 3 years ago
swap driver on disk and memory with a Microsoft driver.
Updated 3 years ago
hook all win32k syscalls with a single .data pointer swap
Updated 3 years ago
Extracts the files embedded inside of a .NET AppHost.
Updated 3 years ago
Updated 3 years ago
force delete any file (and directory)
Updated 3 years ago
elevate arbitrary MSR writes to kernel execution
Updated 3 years ago
Highly Modular Driver Mapper
Updated 3 years ago