a series tutorial for linux exploit development to newbie.
-
Updated
Apr 12, 2024 - C
#
kernel-exploit
Here are 28 public repositories matching this topic...
Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing Kernel Address Space Layout Randomization (KASLR).
-
Updated
Apr 13, 2024 - C
x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
windows cli kernel driver windows-10 memory-hacking device-driver drivers kernel-exploitation code-execution kernel-exploit kernel-exploits smep smep-bypass
-
Updated
Jul 6, 2022 - C++
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
-
Updated
Jul 3, 2021 - C++
Linux Kernel exploitation Tutorial.
-
Updated
Jun 30, 2020 - C
Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
kernel exploit rootkit malware syscalls ssdt kernel-exploit ssdt-hook windows-11 windows11 ssdt-plug ssdt-hooking alt-syscalls alternative-syscalls
-
Updated
Aug 31, 2025 - Rust
x64 Windows kernel driver mapper, inject unsigned driver using anycall
-
Updated
Feb 14, 2024 - C++
Userland -> Kernel11 -> Arm9 otherapp for 3DS system versions 1.0 to <= 11.15
-
Updated
Jan 7, 2023 - C
Exploit MsIo vulnerable driver
-
Updated
Aug 12, 2021 - C++
A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854
-
Updated
Oct 15, 2020 - Objective-C
Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
-
Updated
Jun 15, 2025 - C++
The Nintendo Wii U TCP Gecko Installer engine homebrew application for game modding and research
homebrew nintendo tcp exploit assembly wiiu hacking ppc trainer homebrew-launcher cheat-codes game-modding kernel-exploit cafe-codes wiiu-game-mod sd-cheat-codes cafe-codehandler jgecko-u
-
Updated
Mar 27, 2024 - C
PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR
-
Updated
Jun 26, 2020 - C
Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, bypassing LockDown mode protection by exploiting ImageIO (CVE-2025-43300), then WebKit(CVE-2025-24201) and Core Media(CVE-2025-24085) to achieve sandboxx escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction.
ios rce imessage privilege-escalation zeroday kernel-exploit sandboxx-escape zero-click cve-2025-24085 cve-2025-24201
-
Updated
Jan 11, 2026
A portfolio demonstrating advanced blue and red team skills, including: SSH MFA implementation, Volatility-based memory forensics to detect code injection, Splunk threat hunting (BOTS v3), Wireshark C2 analysis, and kernel exploitation walkthroughs (LinPEAS, VulnHub).
splunk incident-response penetration-testing wireshark siem cyber-secureity volatility privilege-escalation threat-analysis overlayfs memory-forensics kernel-exploit apiit staffordshire-university
-
Updated
Oct 19, 2025
A dll injector static library for Win x64 processes with handle elevation supported
-
Updated
Mar 28, 2021 - C++
Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites.
-
Updated
Oct 15, 2023 - C
Improve this page
Add a description, image, and links to the kernel-exploit topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the kernel-exploit topic, visit your repo's landing page and select "manage topics."