LXC - Linux Containers

UEFI firmware image viewer and editor

"Das U-Boot" Source Tree

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

Hiding kernel-driver for x86/x64.

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Windows NT Syscall tables

proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC

AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With …

Intel / AMD CPU Internals

FUSE filesystem for LXC

Dump the memory of a PPL with a userland exploit

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support

Internals information about Hyper-V

First open source and publicly available System Management Mode backdoor for UEFI based platforms. Good as general purpose playground for various SMM experiments.

Improving AFL by using Intel PT to collect branch information

Research on Windows Kernel Executive Callback Objects

Using ftrace for function hooking in Linux kernel

bpflock - eBPF driven security for locking and auditing Linux machines

EFI Development Kit

Main repository of KEDR project

The simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.

CVE-2018-8440 standalone exploit

Skeleton project for your own GRUB-based bootkit

POC exploit code for CVE-2020-1048(PrintDemon)

A linux kernel funtions hooking module

A windows kernel driver to Block symbolic link exploit used for privilege escalation.

A Systemwide memory monitoring interface for linux