A collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially documented and cannot be found in Windows Driver Kit (WDK) headers. The target audience of this site is driver developers and kernel researchers.
https://www.vergiliusproject.com #windev #kernel #darw1n
Linux kernel 3.x - 5.x XFRM UAF PoC
A PoC for the kernel vulnerability (CVE-2019-15666 Ubuntu / CentOS / RHEL) that was reported last year. CentOS was the last distribution to patch the bug in January 2020.
CVE-2019-15666:
https://duasynt.com/blog/ubuntu-centos-redhat-privesc
The technical report:
https://duasynt.com/pub/vnik/01-0311-2018.pdf
POC:
https://github.com/duasynt/xfrm_poc
#re #expdev #linux #kernel #cve #darw1n
CVE-2019-15666 Ubuntu / CentOS / RHEL Linux Kernel 4.4 - 4.18 privilege escalation - Vitaly Nikolenko
Ubuntu 18.04 16.04 14.04 / CentOS 8 / RHEL 8 kernel local privilege escalation
Windows Kernel Explorer (you can simply call it "WKE") is a free but powerful kernel research tool. It supports Windows XP through Windows 10 (32-bit and 64-bit). Compared with WIN64AST and PCHunter, WKE can run on the latest Windows 10 without updating binary files.
https://github.com/AxtMueller/Windows-Kernel-Explorer
#tools #kernel #windows #antirootkit #darw1n
easy-kernelmapper: map your driver with a batch
Intro - https://www.unknowncheats.me/forum/anti-cheat-bypass/476567-easy-kernelmapper-map-driver-batch.html
Repo - https://github.com/0dayatday0/BattleFN-cheat-analysis
Analysis - https://github.com/0dayatday0/BattleFN-cheat-analysis/blob/main/cheat-analysis.pdf
#re #cheat #gamehack #malware #redteam #kernel #driver #0dayatday0
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
https://github.com/h3xduck/TripleCross
#rootkit #redteam #linux #kernel #Aligner
One I/O Ring to Rule Them All: A Full Read/Write Exploit Primitive on Windows 11
https://windows-internals.com/one-i-o-ring-to-rule-them-all-a-full-read-write-exploit-primitive-on-windows-11/
https://github.com/yardenshafir/IoRingReadWritePrimitive
#expdev #windows #kernel #expolit #tips #Aligner
Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2 - yardenshafir/IoRingReadWritePrimitive