yardenshafir
yardenshafir
/ vulnerable_drivers_hvci_bypass
Created
May 22, 2023 16:17
Vulnerable drivers from loldrivers.io that load with HVCI blocklist version 25314
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - 0a6a1c9a7f80a2a5dcced5c4c0473765.bin | |
| - 0c0195c48b6b8582fa6f6373032118da.bin | |
| - 0d5774527af6e30905317839686b449d.bin | |
| - 045ef7a39288ba1f4b8d6eca43def44f.bin | |
| - 07efb8259b42975d502a058db8a3fd21.bin | |
| - 0898af0888d8f7a9544ef56e5e16354e.bin | |
| - 08c1bce6627764c9f8c79439555c5636.bin | |
| - 09672532194b4bff5e0f7a7d782c7bf2.bin | |
| - 0dff47f3b14fb1c1bad47cc517f0581a.bin | |
| - 0fc2653b1c45f08ca0abd1eb7772e3c0.bin |
yardenshafir
/ CIPolicyParser.ps1
Last active
March 30, 2023 13:01
— forked from mattifestation/CIPolicyParser.ps1
Functions to recover information from binary Windows Defender Application Control (WDAC) Code Integrity policies.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ensure System.Security assembly is loaded. | |
| Add-Type -AssemblyName System.Security | |
| function ConvertTo-CIPolicy { | |
| <# | |
| .SYNOPSIS | |
| Converts a binary file that contains a Code Integrity policy into XML format. | |
| Author: Matthew Graeber (@mattifestation) |