OSRDrivers / windbg-exts
Various WinDbg extensions and scripts
☆31Updated 6 years ago
Alternatives and similar repositories for windbg-exts:
Users that are interested in windbg-exts are comparing it to the libraries listed below
- penter hook example and driver time recorder☆31Updated 7 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆20Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- Trace events in real time sessions☆45Updated last year
- User-mode program parsing logs created by HyperPlatform☆18Updated 8 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible☆16Updated 3 years ago
- View handles and object for each object type☆63Updated 5 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows.☆34Updated 2 years ago
- Windows Console Monitor☆33Updated 5 years ago
- Simple Protected Mode Kernel for i386☆15Updated 5 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- ☆31Updated 4 years ago
- Analyze PatchGuard☆58Updated 6 years ago
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- Example of real-time Windows ETW packet capture session☆53Updated 7 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- DTrace for Windows in userspace; Frontend to ETW☆27Updated 2 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆52Updated last year
- Wow64 syscall hook☆40Updated 7 years ago
- A driver to intercept low level windows events☆62Updated 5 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 9 months ago
- Open Source Libraries Collection☆24Updated 9 years ago
- Static Library For Windows Drivers☆33Updated 2 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …��☆23Updated 7 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆68Updated 8 years ago
- ☆33Updated 4 years ago