msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to guide fuzzing.
Build your emulation environment as needed
Improving zerosums' smbdoor, a silent remote backdoor that abuses undocumented APIs in srvnet.sys.
A Windows 11 rootkit written in Rust.
The project uses SSDT Hooking to bypass security checks during driver loading by hooking NtLoadDriver and modifying the PreviousMode flag.
A comprehensive technical guide with an in-depth analysis of the Windows process lifecycle, from initial user-mode API calls through kernel-mode creation to final user code execution.
This project demonstrates privilege escalation for a user-mode process (cmd.exe) using a stack overflow in a kernel-mode driver. The user-mode component 'testbed_console.exe' sends a CTL_CODE with a payload to the vulnerable driver 'testbed_driver.sys', which calls RtlCopyMemory without any checks. 'testbed_console.exe' includes 'testbed_driver…
A guide to get you started with Windows Kernel Debugging walking you through the complete setup and usage of WinDbg to trace Windows process creation at the kernel level, from boot to PspCreateProcess, using VMware Workstation.