Memory-Dump-UEFI is a UEFI application for dumping the contents of RAM.

PoCs for Kernelmode rootkit techniques research.

Enumerating and removing kernel callbacks using signed vulnerable drivers

HWID Spoofer which spoofs disk serials, smart disk serials and SMBIOS.

Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.

HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.

My personal cheat sheet for using WinDbg for kernel debugging

Hardcore Debugging

A matrix of memory corruption mitigations

Internals information about Hyper-V

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

Intel, AMD, VIA & Freescale Microcode Extraction Tool

UEFI and SMM Assessment Tool

EMBA - The firmware security analyzer

Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc

KVM-based Virtual Machine Introspection

Intel / AMD CPU Internals

repository for kernel exploit practice

A collection of links related to Linux kernel security and exploitation

Kernel exploitation technique

Application Kernel for Containers

bpflock - eBPF driven security for locking and auditing Linux machines

Intel Engine & Graphics Firmware Analysis Tool

"Das U-Boot" Source Tree

This Linux kernel module is designed to provide a new service that allows to substitute multi-byte NOPs encountered along the execution trace of any intyerrupt handler with CALLs to functions speci…

A linux kernel funtions hooking module

A Systemwide memory monitoring interface for linux

A (GCC) compiler plugin for multiversing functions

A book-in-progress about the Linux kernel and its insides.

Breaking Secure Boot with SMM