MartinDrab / VrtuleTreeLinks
VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its functionality is very similar to famous DeviceTree, however, VrtuleTree emhasises on stability and support of latest Windows versions
☆60Updated 4 years ago
Alternatives and similar repositories for VrtuleTree
Users that are interested in VrtuleTree are comparing it to the libraries listed below
Sorting:
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…☆84Updated last year
- View handles and object for each object type☆64Updated 6 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Updated 7 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆108Updated 7 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆64Updated 13 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Updated 5 years ago
- POC of sysenter x64 LSTAR MSR hook☆41Updated 11 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆80Updated 6 years ago
- Advance LPC☆72Updated 8 years ago
- Various WinDbg extensions and scripts☆32Updated 7 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆37Updated last year
- Analyze PatchGuard☆56Updated 7 years ago
- Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC☆27Updated 7 years ago
- This repository contains some tools that I have written in the past☆28Updated 2 years ago
- Simple driver to register all available process, thread, image, Registry, and Object callbacks☆124Updated 8 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- VMCS Auditor provides almost all of Intel's VMCS Layout checklist based on Bochs Emulator.☆32Updated 7 years ago
- A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.☆54Updated 6 years ago
- Library that allows you to run 64bit code on a Wow64 32bit process☆147Updated 8 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆57Updated 9 years ago
- Example of real-time Windows ETW packet capture session☆54Updated 8 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Updated 6 years ago
- This is a simple driver with x64 inline assembly☆57Updated 5 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆59Updated 6 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Windows 10 PE image loader (LDR) NTDLL component toolbox☆49Updated 6 years ago
- ☆42Updated 6 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆32Updated 8 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆12Updated 6 years ago
- This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…☆103Updated 3 years ago