KDMAPPER build [1809,1903,1909,2004]

Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.

windows-kernel-exploits Windows平台提权漏洞集合

A collection of various vulnerable (mostly physical memory exposing) drivers.

Living Off The Land Drivers

DSE bypass using a leaked cert and adjusting the current clock.

A mapper that maps shellcode into loaded large page drivers

Exploitable drivers, you know what I mean

Unsigned driver loader using CVE-2018-19320

Code to disable DSE(Driver Signature Enforcement) using vulnerable gigabyte driver.

Intercepting DeviceControl via WPP

A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.

Kernel Mode Driver for Elevating Process Privileges

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.

Enumerating and removing kernel callbacks using signed vulnerable drivers

It's pointy and it hurts!

Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.

bring your own vulnerable driver

PoC exploit for HP Hardware Diagnostic's EtdSupp driver

usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to p…

A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.

A x64 Windows Rootkit using SSDT or Hypervisor hook

Hook system calls on Windows by using Kaspersky's hypervisor

Virtual and physical memory hacking library using gigabyte vulnerable driver

Abusing SpeedFan driver ability of physical memory manipulation

Lenovo Diagnostics Driver EoP - Arbitrary R/W

manually map driver for a signed driver memory space