KiFilterFiberContext/windows-software-policy external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

KiFilterFiberContext/windows-software-policy

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/KiFilterFiberContext/windows-software-policy)

Close

KiFilterFiberContext / windows-software-policyView on GitHubMore

• External links
• Readme badge

Research on obfuscated licensing APIs / CLIP service in the Windows kernel

☆140Aug 23, 2022Updated 3 years ago

Alternatives and similar repositories for windows-software-policy

Users that are interested in windows-software-policy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆270Aug 31, 2022Updated 3 years ago
• KiFilterFiberContext / microsoft-warbird

  View on GitHub
  Reimplementation of Microsoft's Warbird obuscator
  ☆210Jun 24, 2024Updated last year
• KiFilterFiberContext / warbird-obfuscator

  View on GitHub
  Integration of Microsoft Warbird with the MSVC compiler
  ☆132Jul 16, 2023Updated 2 years ago
• WitherOrNot / warbird-docs

  View on GitHub
  Documentation of Microsoft's Warbird obfuscation
  ☆70Aug 29, 2024Updated last year
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆16Mar 24, 2022Updated 4 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• thesecretclub / SandboxBootkit

  View on GitHub
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆333Oct 13, 2024Updated last year
• sterrasec / genpatch

  View on GitHub
  genpatch is IDA plugin that generates a python script for patching binary
  ☆38Dec 21, 2023Updated 2 years ago
• KiFilterFiberContext / VMP3-Disasm

  View on GitHub
  Experimental disassembler for x86 binaries virtualized by VMProtect 3
  ☆96Aug 27, 2022Updated 3 years ago
• tuxuser / eappx-rs

  View on GitHub
  EAPPX/EMSIX decryption and extraction
  ☆34Jun 13, 2024Updated last year
• therealdreg / cgaty

  View on GitHub
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆73Aug 11, 2023Updated 2 years ago
• 0vercl0k / sic

  View on GitHub
  Enumerate user mode shared memory mappings on Windows.
  ☆132Feb 14, 2021Updated 5 years ago
• tandasat / Hello-VT-rp

  View on GitHub
  A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.
  ☆113Mar 28, 2024Updated 2 years ago
• GetRektBoy724 / warbird-research

  View on GitHub
  Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)
  ☆95Oct 26, 2025Updated 6 months ago
• jayesther / KTM_POCS

  View on GitHub
  Reports and POCs for CVE 2024-43570 and CVE-2024-43535
  ☆30Jun 7, 2025Updated 11 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Dump-GUY / IDA_PHNT_TYPES

  View on GitHub
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆170Aug 23, 2024Updated last year
• airbus-seclab / warbirdvm

  View on GitHub
  An analysis of the Warbird virtual-machine protection for the CI!g_pStore
  ☆268Feb 6, 2018Updated 8 years ago
• zer0condition / ZeroThreadKernel

  View on GitHub
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆159Mar 16, 2026Updated 2 months ago
• DownWithUp / WarbirdExamples

  View on GitHub
  An example of how to use Microsoft Windows Warbird technology
  ☆95Apr 23, 2023Updated 3 years ago
• Xyrem / Yumekage

  View on GitHub
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆319May 31, 2023Updated 2 years ago
• VollRagm / PTView

  View on GitHub
  Browse Page Tables on Windows (Page Table Viewer)
  ☆239Apr 2, 2022Updated 4 years ago
• exploits-forsale / prefetch-tool

  View on GitHub
  Windows KASLR bypass using prefetch side-channel
  ☆190Apr 26, 2024Updated 2 years ago
• rbmm / LIB

  View on GitHub
  ☆10Apr 19, 2026Updated last month
• waleedassar / ALPC_CLIENT_SERVER

  View on GitHub
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Jan 25, 2022Updated 4 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• irql / nokd

  View on GitHub
  reverse engineering of the windows nt kernel debugger protocol & reimplementation.
  ☆38Jul 2, 2024Updated last year
• mandiant / STrace

  View on GitHub
  A DTrace on Windows Reimplementation
  ☆373May 6, 2026Updated 2 weeks ago
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆129Jan 26, 2023Updated 3 years ago
• 0mWindyBug / DataptrHooks

  View on GitHub
  ntoskrnl .data hooks for UM-KM communication
  ☆52May 26, 2024Updated last year
• gerhart01 / Hyper-V-Internals

  View on GitHub
  Internals information about Hyper-V
  ☆739May 6, 2026Updated 2 weeks ago
• massgravel / keyhole

  View on GitHub
  R.I.P. 😔
  ☆71Mar 25, 2025Updated last year
• cursey / x64-virtualizer-rs

  View on GitHub
  x86-64 virtualizing obfuscator written in Rust
  ☆115Nov 16, 2023Updated 2 years ago
• SHA-MRIZ / FsMinfilterHooking

  View on GitHub
  ☆33Dec 22, 2020Updated 5 years ago
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆666Jan 28, 2025Updated last year
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• mrexodia / DisableParallelLoader

  View on GitHub
  Plugin for x64dbg to disable parallel loading of dependencies
  ☆19Sep 3, 2022Updated 3 years ago
• 0mWindyBug / WFPCalloutReserach

  View on GitHub
  research revolving the windows filtering platform callout mechanism
  ☆42May 26, 2024Updated last year
• yardenshafir / cet-research

  View on GitHub
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆93Oct 6, 2020Updated 5 years ago
• MapleSwan / SessionMapper

  View on GitHub
  将驱动映射到会话空间
  ☆39Aug 27, 2022Updated 3 years ago
• DenuvoSoftwareSolutions / DVRT

  View on GitHub
  How Meltdown and Spectre haunt Anti-Cheat: DVRT details
  ☆21Aug 21, 2024Updated last year
• rounk-ctrl / Exploder

  View on GitHub
  exploder
  ☆13Sep 21, 2024Updated last year
• ekknod / acdrv

  View on GitHub
  base for testing
  ☆189Sep 28, 2024Updated last year