My repository to upload drivers from different books and all the information related to Windows internals.
☆163 · Aug 16, 2019 · Updated 6 years ago
Alternatives and similar repositories for Windows-Internals
Users that are interested in Windows-Internals are comparing it to the libraries listed below
- Solution for Ricardo Narvaja's C++ Exploiting Exercise ☆12 · Jul 21, 2019 · Updated 6 years ago
- Research on Windows Kernel Executive Callback Objects ☆316 · Feb 22, 2020 · Updated 6 years ago
- Process reimaging proof of concept code ☆97 · Jun 21, 2019 · Updated 6 years ago
- Kernel Detective ☆151 · Mar 7, 2026 · Updated 2 weeks ago
- Some crazy PE executables protection kernel driver ☆20 · May 2, 2020 · Updated 5 years ago
- windbg plugin for win32k debugging ☆75 · Oct 14, 2019 · Updated 6 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive ☆32 · Mar 22, 2017 · Updated 8 years ago
- The Windows Kernel Programming book samples ☆667 · Sep 25, 2023 · Updated 2 years ago
- My notes about Genyatyk VM crackme ☆26 · Jun 27, 2020 · Updated 5 years ago
- Hide codes/data in the kernel address space. ☆188 · May 8, 2021 · Updated 4 years ago
- Dump of win32k POCs for bugs I've found ☆380 · Mar 6, 2022 · Updated 4 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap ☆214 · Jul 2, 2020 · Updated 5 years ago
- Shellcode injection using debugging APIs ☆19 · Jan 13, 2014 · Updated 12 years ago
- This is a collection of interesting codes about Windows Process creation. ☆236 · Jan 12, 2024 · Updated 2 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆241 · Nov 6, 2019 · Updated 6 years ago
- 🧶 The Win32 usermode threading library with UMS/fibers/threads support ☆30 · Jul 1, 2019 · Updated 6 years ago
- C++ Exceptions in Windows Drivers ☆222 · Dec 21, 2020 · Updated 5 years ago
- VT-based PCI device monitor (SPI) ☆158 · Oct 29, 2020 · Updated 5 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/ ☆58 · Jun 21, 2020 · Updated 5 years ago
- win10 pgContext dynamic dump (btc version) ☆110 · Jan 15, 2020 · Updated 6 years ago
- exploit termdd.sys(support kb4499175) ☆61 · Jul 15, 2019 · Updated 6 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Feb 26, 2026 · Updated 3 weeks ago
- Examples of leaking Kernel Mode information from User Mode on Windows ☆635 · Jul 7, 2017 · Updated 8 years ago
- Open Course for diving security internal ☆52 · Nov 11, 2019 · Updated 6 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling ☆32 · Aug 7, 2019 · Updated 6 years ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview ☆744 · Nov 1, 2024 · Updated last year
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆65 · Jun 19, 2019 · Updated 6 years ago
- c++ implementation of windows heavens gate ☆71 · Feb 12, 2021 · Updated 5 years ago
- My notes while studying Windows internals ☆447 · Dec 9, 2024 · Updated last year
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects. ☆24 · Jan 23, 2018 · Updated 8 years ago
- r0akmap is a PoC driver manual mapper based on r0ak ☆37 · Aug 18, 2018 · Updated 7 years ago
- Kernel Pool Monitor ☆128 · Mar 6, 2022 · Updated 4 years ago
- WinDBG Anti-RootKit Extension ☆646 · Jul 29, 2020 · Updated 5 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching) ☆185 · Mar 30, 2019 · Updated 6 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI. ☆905 · Nov 21, 2019 · Updated 6 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆109 · Apr 24, 2020 · Updated 5 years ago
- Windows kernel hacking framework, driver template, hypervisor and API written on C++ ☆1,802 · Nov 12, 2023 · Updated 2 years ago
- Windows Object Explorer 64-bit ☆1,893 · Mar 9, 2026 · Updated last week
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware. ☆431 · May 22, 2020 · Updated 5 years ago