AaLl86/WindowsInternals external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

AaLl86/WindowsInternals

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/AaLl86/WindowsInternals)

Close

AaLl86 / WindowsInternalsView on GitHubMore

• External links
• Readme badge

Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book

☆119Jun 30, 2024Updated last year

Alternatives and similar repositories for WindowsInternals

Users that are interested in WindowsInternals are comparing it to the libraries listed below

• tandasat / Hello-VT-rp

  View on GitHub
  A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
  ☆114Mar 28, 2024Updated last year
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆271Aug 31, 2022Updated 3 years ago
• gerhart01 / Hyper-V-Tools

  View on GitHub
  Different tools for Microsoft Hyper-V researching
  ☆64Mar 9, 2026Updated last week
• ic3qu33n / REcon2024-GOP-Complex

  View on GitHub
  REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""
  ☆14Mar 31, 2025Updated 11 months ago
• zer0condition / ZeroHVCI

  View on GitHub
  Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…
  ☆262Updated this week
• gerhart01 / LiveCloudKd

  View on GitHub
  Hyper-V Research is trendy now
  ☆189Mar 8, 2026Updated 2 weeks ago
• mannyfred / MentalTi

  View on GitHub
  Mentally ill EtwTi parser
  ☆69Jan 11, 2026Updated 2 months ago
• 0vercl0k / symbolizer-rs

  View on GitHub
  A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.
  ☆101Jan 3, 2026Updated 2 months ago
• klezVirus / DriverJack

  View on GitHub
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆361Aug 11, 2024Updated last year
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆61Oct 19, 2024Updated last year
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆236Jan 24, 2025Updated last year
• tandasat / hvext

  View on GitHub
  The Windbg extensions to study Hyper-V on Intel and AMD processors.
  ☆171Feb 10, 2026Updated last month
• pwndorei / CVE-2024-38080

  View on GitHub
  poc code for CVE-2024-38080
  ☆30Sep 1, 2024Updated last year
• SamuelTulach / PwnedBoot

  View on GitHub
  Using Windows' own bootloader as a shim to bypass Secure Boot
  ☆229Jul 17, 2024Updated last year
• iqrw0 / DieDMAProtection

  View on GitHub
  ☆29Mar 9, 2024Updated 2 years ago
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆108Aug 21, 2024Updated last year
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated 11 months ago
• therealdreg / dregate

  View on GitHub
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Aug 11, 2023Updated 2 years ago
• N0fix / IDA_rust_metadata_finder

  View on GitHub
  IDA plugin to recover source code from panic information on rust
  ☆18May 9, 2025Updated 10 months ago
• gabriellandau / ItsNotASecurityBoundary

  View on GitHub
  ☆195Jul 29, 2024Updated last year
• vmi-rs / vmi

  View on GitHub
  Modular and extensible library for Virtual Machine Introspection
  ☆119Updated this week
• tinysec / jswd

  View on GitHub
  javascript extension of windbg for hacker.
  ☆18Jun 27, 2023Updated 2 years ago
• jdu2600 / CFG-FindHiddenShellcode

  View on GitHub
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆134May 17, 2023Updated 2 years ago
• yardenshafir / cet-research

  View on GitHub
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆90Oct 6, 2020Updated 5 years ago
• rad9800 / RansomFS

  View on GitHub
  ☆31Feb 28, 2025Updated last year
• Xienim / Delphi-Kawaii

  View on GitHub
  Delphi-Kawaii is a plugin for Ida Pro.
  ☆22Jul 19, 2023Updated 2 years ago
• tandasat / barevisor

  View on GitHub
  A bare minimum hypervisor on AMD and Intel processors for learners.
  ☆340Sep 27, 2025Updated 5 months ago
• ZehMatt / x86Tester

  View on GitHub
  x86-64 Automated test data generator
  ☆26Aug 18, 2025Updated 7 months ago
• worawit / malk

  View on GitHub
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆83Dec 21, 2022Updated 3 years ago
• sleepyG8 / GlyphDbg

  View on GitHub
  RE for champions
  ☆15Mar 10, 2026Updated last week
• ioncodes / rapid-kdbg-hyperv

  View on GitHub
  ☆15Mar 13, 2023Updated 3 years ago
• ergrelet / windiff

  View on GitHub
  Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …
  ☆357Mar 16, 2026Updated last week
• tinysec / rtypes

  View on GitHub
  A simple but useful project maybe help you reverse Windows.
  ☆41Apr 2, 2024Updated last year
• memN0ps / matrix-rs

  View on GitHub
  Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
  ☆326Jul 7, 2024Updated last year
• bitdefender / napoca

  View on GitHub
  Lightweight type-1 hypervisor offering a foundation for building advanced security-focused functionality.
  ☆282Feb 16, 2026Updated last month
• 0mWindyBug / WFPCalloutReserach

  View on GitHub
  research revolving the windows filtering platform callout mechanism
  ☆39May 26, 2024Updated last year
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆16Mar 24, 2022Updated 3 years ago
• 0vercl0k / kdmp-parser-rs

  View on GitHub
  A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
  ☆42Jan 2, 2026Updated 2 months ago
• cirosec / warbird-demos

  View on GitHub
  ☆50Nov 7, 2024Updated last year