klezVirus's repositories
SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
CVE-2021-40444
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
DriverJack
Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
NimlineWhispers3
A tool for converting SysWhispers3 syscalls for use with Nim projects
RpcProxyInvoke
Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
klezVirus.github.io
CyberSec Blog
koppeling-p
Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
obfuscator
ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1
AsStrongAsFuck
A console obfuscator for .NET assemblies.
deser-node
NodeJS Deserialization Payload Generator
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
LdrLibraryEx
A small x64 library to load dll's into memory.
titanldr-ng
A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.
angryorchard
A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
node-hello
Hello World for Node.js