KiFilterFiberContext / windows-software-policyLinks
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
☆111Updated 2 years ago
Alternatives and similar repositories for windows-software-policy
Users that are interested in windows-software-policy are comparing it to the libraries listed below
Sorting:
- Documentation of Microsoft's Warbird obfuscation☆51Updated 9 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆245Updated 2 years ago
- Reimplementation of Microsoft's Warbird obuscator☆124Updated 11 months ago
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆153Updated 2 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆142Updated 9 months ago
- Integration of Microsoft Warbird with the MSVC compiler☆103Updated last year
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆80Updated 10 months ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆81Updated last week
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).☆46Updated 2 years ago
- Different tools for Microsoft Hyper-V researching☆57Updated last year
- Report and exploit of CVE-2023-36427☆90Updated last year
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆109Updated 11 months ago
- ☆75Updated 3 months ago
- Windows kernel driver template for cmkr and llvm-msvc.☆34Updated last year
- ☆143Updated last year
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆84Updated 4 years ago
- Port of zentool to Windows☆24Updated 2 months ago
- A x86 environment emulator for Windows user and kernel binaries.☆58Updated this week
- WinLicense key extraction via Intel PIN☆101Updated last year
- Given delta compressed PE files, find download links for them on the Microsoft Symbol Server. No source PE file or VirusTotal access requ…☆30Updated last year
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.☆60Updated 10 months ago
- Generate a PDB file given the old PDB file and an address mapping☆48Updated 2 months ago
- Report and exploit of CVE-2024-21305.☆34Updated last year
- Hyper-V related resources☆31Updated last year
- ☆71Updated 2 years ago
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆54Updated 10 months ago
- ☆90Updated last year
- Lightweight PDB symbol parser and resolver☆24Updated 7 months ago
- A portable header only library extending the C++20 STL.☆77Updated last year