KiFilterFiberContext / windows-software-policyLinks
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
☆120Updated 3 years ago
Alternatives and similar repositories for windows-software-policy
Users that are interested in windows-software-policy are comparing it to the libraries listed below
Sorting:
- Reimplementation of Microsoft's Warbird obuscator☆135Updated last year
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated last year
- Integration of Microsoft Warbird with the MSVC compiler☆111Updated 2 years ago
- Documentation of Microsoft's Warbird obfuscation☆53Updated 11 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆149Updated last year
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆156Updated 5 months ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆80Updated 5 months ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).☆49Updated 3 years ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆92Updated 3 months ago
- An x64dbg plugin which marks XFG call signatures as data☆77Updated 2 years ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆112Updated last year
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated 2 years ago
- WinLicense key extraction via Intel PIN☆101Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆252Updated 2 years ago
- Different tools for Microsoft Hyper-V researching☆60Updated last month
- uefi diskless persistence technique + OVMF secureboot bypass☆88Updated last year
- Port of zentool to Windows☆26Updated 5 months ago
- x86 Real-Mode MS-DOS Emulator using Windows Hypervisor Platform☆139Updated last year
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆85Updated 4 years ago
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆28Updated last year
- A x86_64 software emulator☆148Updated 3 weeks ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆300Updated 10 months ago
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆75Updated 2 months ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆61Updated last year
- alternative smm driver for ryzen motherboards☆157Updated 10 months ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆152Updated last year
- Using Windows' own bootloader as a shim to bypass Secure Boot☆182Updated last year
- Windows kernel driver template for cmkr and llvm-msvc.☆35Updated last year
- CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).☆78Updated 2 years ago
- 🎨 Seamlessly convert your favorite Visual Studio Code themes to IDA Pro themes.☆113Updated last year