MartinDrab / VrtuleTreeLinks
VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its functionality is very similar to famous DeviceTree, however, VrtuleTree emhasises on stability and support of latest Windows versions
☆60Updated 4 years ago
Alternatives and similar repositories for VrtuleTree
Users that are interested in VrtuleTree are comparing it to the libraries listed below
Sorting:
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…☆84Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆68Updated 5 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆79Updated 6 years ago
- Windows 10 PE image loader (LDR) NTDLL component toolbox☆49Updated 5 years ago
- Advance LPC☆70Updated 8 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆107Updated 7 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Updated 6 years ago
- Kernel Pool Monitor☆126Updated 3 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆64Updated 12 years ago
- POC of sysenter x64 LSTAR MSR hook☆40Updated 11 years ago
- Various WinDbg extensions and scripts☆33Updated 6 years ago
- ☆40Updated 6 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- View handles and object for each object type☆64Updated 5 years ago
- c++ implementation of windows heavens gate☆72Updated 4 years ago
- Analyze PatchGuard☆59Updated 7 years ago
- Import library generator for x86 PE files☆59Updated 6 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆145Updated 6 years ago
- A driver to intercept low level windows events☆63Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆52Updated 4 years ago
- Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC☆25Updated 6 years ago
- Crash Windows 10 up to RS2 from an unprivileged process☆42Updated 7 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- Trace events in real time sessions☆45Updated 2 years ago
- My commands and scripts extending WinDbg☆41Updated 4 months ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Updated 14 years ago
- Parser for Microsoft Program Database (PDB) files☆76Updated 5 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 7 years ago