all InfoSec news
VectorKernel - PoCs For Kernelmode Rootkit Techniques Research
KitPloit - PenTest Tools! www.kitploit.com
PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only.
NOTE
Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not supported in OSes older than Windows 10 Version 2004. If you want to test the modules in old OSes, replace ExAllocatePool2 API with ExAllocatePoolWithTag API.
Environment
All modules are tested in Windows 11 x64. To test drivers, following options can be used for the testing machine: …
64bit api education kernel memory modules old pocs research reversing rootkit stealing support techniques test token vectorkernel version windows windows 10 windows os