k's repositories
ReverseKit
x64 Dynamic Reverse Engineering Toolkit
GDRVLoader
Unsigned driver loader using CVE-2018-19320
ZeroThreadKernel
Recursive and arbitrary code execution at kernel-level without a system thread creation
Reversing-a-signed-driver
Reverse Engineering a signed kernel driver packed and virtualized with VMProtect 3.6
Demystifying-PatchGuard
Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unauthorized modifications to the Windows kernel. The analysis is done through practical engineering, with a focus on understanding PatchGuard's inner workings.
IDTHook-x86
Detour hooking IRQ1 ISR through IDT (Interrupt Descriptor Table)