JKornev / cfgdumpLinks
Windbg extension that allows you analyze Control Flow Guard map
☆35Updated 3 years ago
Alternatives and similar repositories for cfgdump
Users that are interested in cfgdump are comparing it to the libraries listed below
Sorting:
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- ☆46Updated 4 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 11 months ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- ☆21Updated 4 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- ☆19Updated 6 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- ☆33Updated 3 years ago
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆24Updated last year
- ☆13Updated 2 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Updated 5 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago
- Code Integrity Violation Spotter☆16Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Updated 5 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆46Updated 4 years ago
- ☆40Updated 4 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- ☆29Updated 3 years ago
- vmware-backdoor☆33Updated 3 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- ☆16Updated 5 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- Yet another windows syscall library☆18Updated 5 years ago
- ☆15Updated 2 years ago