Research on Windows Kernel Executive Callback Objects
☆317Feb 22, 2020Updated 6 years ago
Alternatives and similar repositories for ExecutiveCallbackObjects
Users that are interested in ExecutiveCallbackObjects are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆243Nov 6, 2019Updated 6 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆108Apr 24, 2020Updated 6 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆911Nov 21, 2019Updated 6 years ago
- win10 pgContext dynamic dump (btc version)☆115Jan 15, 2020Updated 6 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- C++ Exceptions in Windows Drivers☆220Dec 21, 2020Updated 5 years ago
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- Reverse engineered source code of the autochk rootkit☆212Nov 1, 2019Updated 6 years ago
- Hide codes/data in the kernel address space.☆187May 8, 2021Updated 5 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆121Jan 21, 2025Updated last year
- Open Course for diving security internal☆52Nov 11, 2019Updated 6 years ago
- WinDBG Anti-RootKit Extension☆642Jul 29, 2020Updated 5 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆545Sep 2, 2022Updated 3 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆244Jul 26, 2020Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Analyze Windows x64 Kernel Memory Layout☆132Nov 19, 2020Updated 5 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆147Sep 5, 2020Updated 5 years ago
- ☆123May 23, 2020Updated 6 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,289May 1, 2024Updated 2 years ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆137Mar 16, 2026Updated 3 months ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆352Apr 27, 2020Updated 6 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,042Apr 21, 2022Updated 4 years ago
- Internals information about Hyper-V☆742May 6, 2026Updated last month
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- System call hook for Windows 10 20H1☆495Jun 26, 2021Updated 5 years ago
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,298Apr 2, 2026Updated 2 months ago
- APC Internals Research Code☆175Jun 28, 2020Updated 6 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆64Jun 19, 2019Updated 7 years ago
- Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi…☆798Jan 22, 2020Updated 6 years ago
- Hook system calls, context switches, page faults and more.☆2,657May 9, 2023Updated 3 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆335Mar 26, 2024Updated 2 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆644Jul 7, 2017Updated 8 years ago
- Toolkit for Hyper-V security research☆156Mar 7, 2022Updated 4 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Windows kernel hacking framework, driver template, hypervisor and API written on C++☆1,817Nov 12, 2023Updated 2 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆103May 14, 2020Updated 6 years ago
- API Set resolver for Windows☆143Sep 11, 2024Updated last year
- 过去写的一些Windows安全研究相关代码☆134Feb 2, 2019Updated 7 years ago
- windows kernel security development☆2,065Sep 6, 2022Updated 3 years ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆454Nov 29, 2021Updated 4 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆58Sep 12, 2019Updated 6 years ago