Michael B.

icon indicating a website link downwithup.github.io icon indicating an email [email protected]

icon location Internet icon location Security researcher. Interested in low-level technologies.

Results 7 repositories owned by Michael B.

CallMon

124
Stars
40
Forks
Watchers

CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers

verified publisher icon DownWithUp

ALPC-Example

84
Stars
28
Forks
Watchers

An example of a client and server using Windows' ALPC functions to send and receive data.

verified publisher icon DownWithUp

CVE-2018-16712

25
Stars
5
Forks
Watchers

PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)

verified publisher icon DownWithUp

CVE-Stockpile

45
Stars
19
Forks
Watchers

Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.

verified publisher icon DownWithUp

DynamicKernelShellcode

102
Stars
32
Forks
Watchers

An example of how x64 kernel shellcode can dynamically find and use APIs

verified publisher icon DownWithUp

WhoCalls_C

17
Stars
5
Forks
Watchers

WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit (PE) and 64-bit (PE32+) file formats (.exe, .dll, .sys)

verified publisher icon DownWithUp

WarbirdExamples

24
Stars
3
Forks
Watchers

An example of how to use Microsoft Windows Warbird technology

verified publisher icon DownWithUp