waleedassar

RestrictedKernelLeaks

SimpleNTSyscallFuzzer

SyscallNumberFinder

SyscallNumberExtractor

ALPC_CLIENT_SERVER

Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.

CVE-2022-24483

POC For CVE-2022-24483

KeCreateEnclave_NullPtr_Dereference_DOS

ObpCreateSymbolicLinkName_EoP

NtInitializeEnclave_DoS_POC

ProcessExplorerProcessNameDoS

PartitionCreator

ProcessExplorerObjectNameDoS

CVE-2021-31184

NativeDebugger

Code to demonstrate how to use native NT syscalls to create a debugger

NduRegisterInterfaceByteCountLimitExceeded_Bug

PiControlQueryConflictList_bug

WinObjCrash1

MyDumper64

NtManagePartition_DPC_WATCHDOG_VIOLATION

NtPssCaptureVaSpaceBulk

How to use the new "NtPssCaptureVaSpaceBulk" syscall.

PrivateNamespace

TokenPrivilegeAssigner

NtCreateXStateChange

Code to show how to use new NtCreateProcessStateChange/NtCreateThreadStateChange syscalls

DisableCriticalProcesses

A tool for disabling all critical processes on the system.

LowBox

LowOnResources

NativeAttacherDebugger

Code to demonstrate how to user native syscalls to create a debugger

ObpCreateSymbolicLinkName_ReadBeyondBoundary

RemoveCriticalSvc

An Svchost service for disabling all critical processes on the system

RtlpCopyXStateChunk_Bug