a series tutorial for linux exploit development to newbie.

KASLD derandomizes the Linux kernel's virtual and physical memory layout as an unprivileged local user.

Cross-platform C port of the Copy Fail Linux LPE (CVE-2026-31431). Disclosed 2026-04-29 by Theori / Xint.

x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration

A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.

macOS Kernel Exploit for CVE-2019-8781.

Linux Kernel exploitation Tutorial.

Tutorial for writing kernel exploits

Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls

x64 Windows kernel driver mapper, inject unsigned driver using anycall

Userland -> Kernel11 -> Arm9 otherapp for 3DS system versions 1.0 to <= 11.15

Exploit MsIo vulnerable driver

Multi-architecture Linux privilege escalation toolkit with 19 pre-built and runtime-compilable exploits. Auto-detects kernel version, filters patched exploits, tries each until root.

A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854

Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)

The Nintendo Wii U TCP Gecko Installer engine homebrew application for game modding and research

Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, bypassing LockDown mode protection by exploiting ImageIO (CVE-2025-43300), then WebKit(CVE-2025-24201) and Core Media(CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction.

PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR

A portfolio demonstrating advanced blue and red team skills, including: SSH MFA implementation, Volatility-based memory forensics to detect code injection, Splunk threat hunting (BOTS v3), Wireshark C2 analysis, and kernel exploitation walkthroughs (LinPEAS, VulnHub).

tower of fantasy anti-cheat driver exploit research