Alternatives and similar repositories for WindowsKernelProgrammingBook:

Users that are interested in WindowsKernelProgrammingBook are comparing it to the libraries listed below

• rbmm / DirectSysCall
  ☆12Updated last year
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆20Updated 2 years ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆32Updated 3 years ago
• Kharos102 / ReadWriteDriverSample
  ☆21Updated 11 months ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆39Updated 3 years ago
• Idov31 / talks-and-publications
  Released presentations of my talks + code that used during these talks
  ☆13Updated 7 months ago
• bananabr / Givemeahand
  A PoC tool for exploiting leaked process and thread handles
  ☆30Updated last year
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Updated 3 years ago
• Yaxser / Itaskhandler
  Implementation of ITaskHandler in C++
  ☆13Updated 2 years ago
• NioZow / Imperium
  A C/C++/Asm template for PIC malware
  ☆10Updated 6 months ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆29Updated 4 years ago
• OrShazam / ChainEngine
  automates exploits using ROP chains, using ntdll-scraper
  ☆16Updated 2 years ago
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆26Updated last year
• farinap5 / bitmap4shell
  A (quite) simple steganography algorithm to hide shellcodes within bitmap image.
  ☆22Updated 11 months ago
• OtterHacker / CoffLoader
  ☆53Updated 2 years ago
• varwara / CVE-2024-21338
  PoC for the Untrusted Pointer Dereference in the appid.sys driver
  ☆16Updated last year
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• listinvest / undonut
  Unpacker for donut shellcode
  ☆17Updated 4 years ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆22Updated last year
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆48Updated 3 years ago
• thefLink / Memfiddler
  Executes shellcode from a remote server and aims to evade in-memory scanners
  ☆31Updated 5 years ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆29Updated last year
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆14Updated 2 years ago
• OxNinja / C-VM
  My try to implement a virtual CPU in C
  ☆19Updated last year
• deepinstinct / PhonyC2-MuddyWater-Research
  MuddyWater C2 framework research
  ☆11Updated last year
• rbmm / ARL
  ☆24Updated 2 months ago
• Cerbersec / NtCreateUserProcess
  ☆11Updated 3 years ago
• MrAle98 / ATDCM64a-LPE
  ☆20Updated 3 months ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆40Updated 9 years ago