Repository profile
Windows handle hijacking technique
Repository updates
Get generated gmh5225/Handle-Ripper development summaries by email, or follow the weekly and monthly RSS feeds.
Sign in to subscribe by email. RSS feeds are public.
Sign in to subscribeTracked growth, recent movement, and commit velocity from stored repository snapshots.
Latest capture 2026-06-24 13:41
1 capture since 2026-06-24
Stars from baseline 0
All tracked data
Frameworks, package managers, ecosystems, and dependency manifests found during catalog scans.
Scanned 2026-06-24 13:41
Handle-Ripper.sln
dotnet ecosystem,
0 dependencies
Searchable topics, generated tags, and stack labels that explain where this repository fits.
Agent instructions and tool configuration paths found in the repository tree.
Nearest indexed repositories by embedding similarity.
Driver + DLL which allows us to open handles to callback-protected processes
BYOVD Technique Example using viragt64 driver
A simple POC that demonstrates A vulnerability found in IObitUnlocker 1.1.2 that leverages IOCTL codes found it its vulnerable driver (IObitUnlocker.sys), providing ability to unlock, delete, rename, copy, and move running files and a low privileged user.
arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.
SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了
