Static library and headers for linking your software with ntdll.dll
☆37Dec 16, 2019Updated 6 years ago
Alternatives and similar repositories for NTlib
Users that are interested in NTlib are comparing it to the libraries listed below
Sorting:
- UI application that can compare PE images in memory or in raw PE file☆19Feb 17, 2014Updated 12 years ago
- Simple program for static hooking dynamic libraries in executable application☆24Jan 15, 2014Updated 12 years ago
- Automatically exported from code.google.com/p/hf-2011☆15Feb 12, 2016Updated 10 years ago
- Modifies the code of the RtlUserThreadStart callback and reads the arguments passed to it. Then it changes the initial execution argument…☆15Mar 4, 2018Updated 7 years ago
- Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right a…☆33May 21, 2019Updated 6 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆58Sep 22, 2019Updated 6 years ago
- API logger plugin for Intel Pintool☆14Nov 19, 2017Updated 8 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Mar 3, 2022Updated 3 years ago
- PoC code for CVE-2018-15499 (exploit race condition for BSoD)☆11Aug 23, 2018Updated 7 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Updated this week
- ☆27Apr 4, 2019Updated 6 years ago
- 软件保护及分析技术——原理与实践☆18Nov 30, 2017Updated 8 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆44Oct 3, 2018Updated 7 years ago
- windows inlinehook R3 R0☆11Apr 11, 2018Updated 7 years ago
- WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…☆18Jul 2, 2022Updated 3 years ago
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Oct 10, 2018Updated 7 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Aug 6, 2018Updated 7 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- ☆14Feb 14, 2018Updated 8 years ago
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj☆15May 27, 2018Updated 7 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10☆15Mar 17, 2019Updated 6 years ago
- This project demonstares an illegal read- and write- access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 7 years ago
- Just another tool to download specify Symbol (.pdb) files☆39Sep 4, 2019Updated 6 years ago
- usermode standalone kernel interface☆111Jul 9, 2018Updated 7 years ago
- ☆48Jun 19, 2017Updated 8 years ago
- Detect the SCI in windows.☆11Mar 23, 2017Updated 8 years ago
- Hidden module/dll detector for windows apps☆15May 21, 2017Updated 8 years ago
- This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…☆103Sep 20, 2022Updated 3 years ago
- Protect process fsfilter driver. Windows x64☆36Apr 11, 2016Updated 9 years ago
- Analyze PatchGuard☆56Aug 19, 2018Updated 7 years ago
- ☆17Dec 18, 2020Updated 5 years ago
- bypass CRC☆12May 3, 2018Updated 7 years ago
- Yet another windows syscall library☆18Jun 22, 2020Updated 5 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.☆27Aug 14, 2018Updated 7 years ago
- RVDbg is a debugger/exception handler for Windows processes and has the capability to circumvent anti-debugging techniques. (Cleaner, doc…☆72Sep 5, 2020Updated 5 years ago
- x64 syscall caller in C++.☆93Jun 23, 2018Updated 7 years ago
- Remote Assistance Volatile Environment LPE☆15Jun 28, 2025Updated 8 months ago