kernel-exploit

Star

Here are 27 public repositories matching this topic...

Language:All

Filter by language

All27 C10 C++7 Python2 Shell2 Objective-C1 Rust1

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

hardenedlinux /linux-exploit-development-tutorial

Star568

a series tutorial for linux exploit development to newbie.

linux tutorials kernel-exploit

UpdatedApr 12, 2024
C

bcoles /kasld

Star465

Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing Kernel Address Space Layout Randomization (KASLR).

linux kernel linux-kernel kernel-exploit kaslr linux-kaslr

UpdatedApr 13, 2024
C

kkent030315 /anycall

Star371

x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

windows cli kernel driver windows-10 memory-hacking device-driver drivers kernel-exploitation code-execution kernel-exploit kernel-exploits smep smep-bypass

UpdatedJul 6, 2022
C++

kkent030315 /evil-mhyprot-cli

Star337

A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.

windows kernel exploit driver kernel-exploit kernel-exploits mhyprot2 mhyprot

UpdatedJul 3, 2021
C++

A2nkF /macOS-Kernel-Exploit

Star293

macOS Kernel Exploit for CVE-2019-8781.

macos exploit kernel-exploit

UpdatedOct 15, 2019
C

Lazenca /Kernel-exploit-tech

Star276

Linux Kernel exploitation Tutorial.

linux-kernel tutorials kernel-exploitation tutorial-exercises linux-kernel-hacking kernel-exploit

UpdatedJun 30, 2020
C

RKX1209 /kernel_exploit_world

Star256

Tutorial for writing kernel exploits

tutorial linux-kernel kernel-exploit

UpdatedAug 10, 2025
C

0xflux /Hells-Hollow

Star206

Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls

kernel exploit rootkit malware syscalls ssdt kernel-exploit ssdt-hook windows-11 windows11 ssdt-plug ssdt-hooking alt-syscalls alternative-syscalls

UpdatedAug 31, 2025
Rust

kkent030315 /anymapper

Star184

x64 Windows kernel driver mapper, inject unsigned driver using anycall

windows kernel windows-10 injector code-injection code-execution kernel-exploit kernel-exploits

UpdatedFeb 14, 2024
C++

TuxSH /universal-otherapp

Star152

Userland -> Kernel11 -> Arm9 otherapp for 3DS system versions 1.0 to <= 11.15

exploit nintendo-3ds 3ds kernel-exploit

UpdatedJan 7, 2023
C

kkent030315 /MsIoExploit

Star115

Exploit MsIo vulnerable driver

windows kernel kernel-exploit kernel-exploits cve-2019-18845

UpdatedAug 12, 2021
C++

A2nkF /unauthd

Star85

A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854

macos exploit kernel-exploit

UpdatedOct 15, 2020
Objective-C

V-i-x-x /win11-kernel-execution-syscall-hijack

Star48

Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)

kernel reverse-engineering kernel-exploitation kernel-exploit windows-11

UpdatedJun 15, 2025
C++

BullyWiiPlaza /tcpgecko

Star44

The Nintendo Wii U TCP Gecko Installer engine homebrew application for game modding and research

homebrew nintendo tcp exploit assembly wiiu hacking ppc trainer homebrew-launcher cheat-codes game-modding kernel-exploit cafe-codes wiiu-game-mod sd-cheat-codes cafe-codehandler jgecko-u

UpdatedMar 27, 2024
C

c3r34lk1ll3r /CVE-2017-5123

Star32

PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR

exploit writeup kernel-exploit cve-2017-5123

UpdatedJun 26, 2020
C

JGoyd /Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201

Star27

Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, bypassing LockDown mode protection by exploiting ImageIO (CVE-2025-43300), then WebKit(CVE-2025-24201) and Core Media(CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction.

ios rce imessage privilege-escalation zeroday kernel-exploit sandbox-escape zero-click cve-2025-24085 cve-2025-24201

UpdatedNov 27, 2025

thieveshkar /Offensive-Security-Forensics-Portfolio

Star20

A portfolio demonstrating advanced blue and red team skills, including: SSH MFA implementation, Volatility-based memory forensics to detect code injection, Splunk threat hunting (BOTS v3), Wireshark C2 analysis, and kernel exploitation walkthroughs (LinPEAS, VulnHub).

splunk incident-response penetration-testing wireshark siem cyber-security volatility privilege-escalation threat-analysis overlayfs memory-forensics kernel-exploit apiit staffordshire-university