KiFilterFiberContext / windows-software-policy

Related projects ⓘ

Alternatives and complementary repositories for windows-software-policy

• KiFilterFiberContext / warbird-obfuscator
  Integration of Microsoft Warbird with the MSVC compiler
  ☆85Updated last year
• KiFilterFiberContext / microsoft-warbird
  Reimplementation of Microsoft's Warbird obuscator
  ☆101Updated 4 months ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆237Updated 2 years ago
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆115Updated 2 months ago
• Azvanzed / CVE-2024-44083
  Makes IDA (most versions) to crash upon opening it.
  ☆64Updated 2 months ago
• charlesnathansmith / whatlicense
  WinLicense key extraction via Intel PIN
  ☆79Updated 7 months ago
• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆73Updated 3 months ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆106Updated last year
• mrexodia / EfiCMake
  CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).
  ☆76Updated 2 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 3 years ago
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated 2 years ago
• can1357 / IdaThemer
  🎨 Seamlessly convert your favorite Visual Studio Code themes to IDA Pro themes.
  ☆86Updated 7 months ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆52Updated 9 months ago
• can1357 / xstd
  A portable header only library extending the C++20 STL.
  ☆69Updated 7 months ago
• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆74Updated 4 years ago
• ergrelet / triton-bn
  Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.
  ☆58Updated 4 months ago
• Deputation / instrumentation_callbacks
  A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.
  ☆117Updated 3 years ago
• synctop / tpm-mmio
  Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.
  ☆39Updated 5 months ago
• GetRektBoy724 / KPDB
  Windows PDB parser for kernel-mode environment.
  ☆90Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• jonomango / nohv
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆170Updated last year
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆52Updated 6 months ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆61Updated last year
• DenuvoSoftwareSolutions / DVRT
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆20Updated 3 months ago
• tandasat / hvext
  The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.
  ☆130Updated last month
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆31Updated last week
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆62Updated last year
• kkent030315 / anyvtop
  x64 Windows implementation of virtual-address to physical-address translation
  ☆41Updated 3 years ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆107Updated last year
• jonaslyk / temp
  ☆65Updated last year