DownWithUp / WinPools
WinPools is an example of how Windows kernel big pool addresses can be leaking using NtQuerySystemInformation
☆13Updated 5 years ago
Alternatives and similar repositories for WinPools:
Users that are interested in WinPools are comparing it to the libraries listed below
- ☆24Updated 5 years ago
- ☆34Updated 4 years ago
- win32/x64 obfuscate framework☆32Updated 5 years ago
- Analysing and defeating PatchGuard universally☆34Updated 4 years ago
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible☆16Updated 2 years ago
- What makes it page☆17Updated 2 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆24Updated 3 years ago
- Windows Console Monitor☆33Updated 5 years ago
- A poc that abuses Enclave☆36Updated 2 years ago
- Open Anti Cheat☆27Updated 2 years ago
- Some crazy PE executables protection kernel driver☆18Updated 4 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- ☆27Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Updated 2 years ago
- windows kernel pagehook☆39Updated 2 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- ☆23Updated last year
- For Example. See Miro's Blog☆30Updated 2 years ago
- ☆23Updated 10 months ago
- Example of hijacking system calls via function pointer tables☆32Updated 3 years ago
- ☆16Updated last year
- using gpuz to load driver☆32Updated 5 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- ☆21Updated 5 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Updated 2 years ago
- Translates WinDbg "dt" structure dump to a C structure☆13Updated 4 years ago