My repository to upload drivers from different books and all the information related to Windows internals.
☆163 · Aug 16, 2019 · Updated 6 years ago
Alternatives and similar repositories for Windows-Internals
Users that are interested in Windows-Internals are comparing it to the libraries listed below
- Research on Windows Kernel Executive Callback Objects ☆315 · Feb 22, 2020 · Updated 6 years ago
- Process reimaging proof of concept code ☆97 · Jun 21, 2019 · Updated 6 years ago
- Some crazy PE executables protection kernel driver ☆20 · May 2, 2020 · Updated 5 years ago
- Hide codes/data in the kernel address space. ☆188 · May 8, 2021 · Updated 4 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆240 · Nov 6, 2019 · Updated 6 years ago
- This is a collection of interesting codes about Windows Process creation. ☆237 · Jan 12, 2024 · Updated 2 years ago
- VT-based PCI device monitor (SPI) ☆158 · Oct 29, 2020 · Updated 5 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling ☆32 · Aug 7, 2019 · Updated 6 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆65 · Jun 19, 2019 · Updated 6 years ago
- Solution for Ricardo Narvaja's C++ Exploiting Exercise ☆12 · Jul 21, 2019 · Updated 6 years ago
- The Windows Kernel Programming book samples ☆666 · Sep 25, 2023 · Updated 2 years ago
- Kernel Detective ☆151 · Aug 12, 2022 · Updated 3 years ago
- win10 pgContext dynamic dump (btc version) ☆110 · Jan 15, 2020 · Updated 6 years ago
- Kernel Pool Monitor ☆127 · Mar 6, 2022 · Updated 3 years ago
- C++ Exceptions in Windows Drivers ☆221 · Dec 21, 2020 · Updated 5 years ago
- windbg plugin for win32k debugging ☆75 · Oct 14, 2019 · Updated 6 years ago
- c++ implementation of windows heavens gate ☆70 · Feb 12, 2021 · Updated 5 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching) ☆185 · Mar 30, 2019 · Updated 6 years ago
- Dump of win32k POCs for bugs I've found ☆381 · Mar 6, 2022 · Updated 3 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Updated this week
- 🧶 The Win32 usermode threading library with UMS/fibers/threads support ☆30 · Jul 1, 2019 · Updated 6 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows ☆634 · Jul 7, 2017 · Updated 8 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware. ☆431 · May 22, 2020 · Updated 5 years ago
- ☆99 · Oct 6, 2017 · Updated 8 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI. ☆902 · Nov 21, 2019 · Updated 6 years ago
- ☆39 · Oct 29, 2020 · Updated 5 years ago
- PE(compressed dll) memory loader using nt api ☆46 · Jul 3, 2017 · Updated 8 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap ☆215 · Jul 2, 2020 · Updated 5 years ago
- Open Course for diving security internal ☆52 · Nov 11, 2019 · Updated 6 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/ ☆58 · Jun 21, 2020 · Updated 5 years ago
- Hide DLL / Hide Module / Hide Dynamic Link Library ☆108 · May 28, 2019 · Updated 6 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit) ☆824 · Mar 10, 2022 · Updated 3 years ago
- WinDBG Anti-RootKit Extension ☆645 · Jul 29, 2020 · Updated 5 years ago
- My notes about Genyatyk VM crackme ☆26 · Jun 27, 2020 · Updated 5 years ago
- Windows kernel hacking framework, driver template, hypervisor and API written on C++ ☆1,802 · Nov 12, 2023 · Updated 2 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆110 · Apr 24, 2020 · Updated 5 years ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview ☆744 · Nov 1, 2024 · Updated last year
- syser debugger x32/x64 ring3 with source level debugging/watch view/struct view ☆296 · Mar 9, 2025 · Updated 11 months ago
- Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi… ☆781 · Jan 22, 2020 · Updated 6 years ago