Michael B.'s starred repositories
no-defender
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
windows-drivers-rs
Platform that enables Windows driver development in Rust. Developed by Surface.
obfuscator
PE bin2bin obfuscator
UEFI-Bootkit
A small bootkit which does not rely on x64 assembly.
process-cloning
The Definitive Guide To Process Cloning on Windows
illusion-rs
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
UEFI-Lessons
Lessons to get to know UEFI programming in Linux with the help of EDKII
CVE-2024-21111
Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
SandboxSecurityTools
Security testing tools for Windows sandboxing technologies
SmmExploit
The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.
RTCore64_Vulnerability
Use RTCore64 to map your driver on Windows 11.
BadRentdrv2
A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64 (CVE-2023-44976).
UefiVarTool
Scriptable tool to read and write UEFI variables from EFI shell. View, save, edit and restore hidden UEFI (BIOS) Setup settings faster than with the OEM menu forms.
thunderclap-fpga-arria10
Thunderclap hardware for Intel Arria 10 FPGA
InactiveTitlebarPatch
Simple registry patch to turn inactive title bar color dark