Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock(利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能)
☆128Sep 9, 2022Updated 3 years ago
Alternatives and similar repositories for NtSocket_NtClient_NtServer
Users that are interested in NtSocket_NtClient_NtServer are comparing it to the libraries listed below
Sorting:
- 利用物理内存映射,实现虚拟内存的伪隐藏☆86Sep 15, 2022Updated 3 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆284Jan 27, 2025Updated last year
- ☆23May 8, 2023Updated 2 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Sep 1, 2022Updated 3 years ago
- ☆68Dec 17, 2020Updated 5 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆541Sep 2, 2022Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- 从MmPfnData中枚举进程和页目录基址☆207Aug 18, 2023Updated 2 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆107May 10, 2022Updated 3 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆207Dec 16, 2022Updated 3 years ago
- Dll memory redirection through Hook NtMapViewOfSection☆97Sep 7, 2022Updated 3 years ago
- query-pdb is a server-side software for parsing PDB files. The software provides PDB online parsing service.☆168Oct 27, 2025Updated 4 months ago
- ☆225Feb 21, 2023Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆56Jun 9, 2018Updated 7 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆344Apr 27, 2020Updated 5 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Radical Windows ARK☆251Apr 18, 2025Updated 10 months ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- ☆223Mar 11, 2023Updated 2 years ago
- Taking advantage of CRT initialization, to get away with hooking protected applications☆48Nov 2, 2022Updated 3 years ago
- For Example. See Miro's Blog☆30Nov 26, 2022Updated 3 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- Analyze Windows x64 Kernel Memory Layout☆129Nov 19, 2020Updated 5 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆99Aug 27, 2022Updated 3 years ago
- Kernel-based memory hacking framework communicating with a kernel driver via sockets.☆97May 25, 2021Updated 4 years ago
- C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL☆192Aug 27, 2022Updated 3 years ago
- InfinityHookPro Win7 -> Win11 latest☆551Feb 7, 2023Updated 3 years ago
- The kernel mode Standard Template Library Template☆19Feb 22, 2020Updated 6 years ago
- ☆17Apr 21, 2022Updated 3 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- ☆158May 21, 2024Updated last year
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 2 months ago
- Example of reading process memory through kernel special APC☆110Apr 21, 2023Updated 2 years ago
- the basic version of the ring0 physical memory read/write tool☆92Aug 18, 2019Updated 6 years ago