JKornev / cfgdumpLinks
Windbg extension that allows you analyze Control Flow Guard map
☆35Updated 3 years ago
Alternatives and similar repositories for cfgdump
Users that are interested in cfgdump are comparing it to the libraries listed below
Sorting:
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- ☆21Updated 3 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 10 months ago
- ☆45Updated 4 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- ☆33Updated 3 years ago
- Code Integrity Violation Spotter☆16Updated 11 months ago
- ☆34Updated 7 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- ☆19Updated 5 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆57Updated 4 years ago
- ☆40Updated 3 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆46Updated 4 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- ☆12Updated 6 years ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- ☆13Updated 2 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- Data and structures regarding the research done on WdFilter☆12Updated 5 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆31Updated 8 years ago