☆149 · Jun 5, 2023 · Updated 2 years ago
Alternatives and similar repositories for IOCTLDump
Users that are interested in IOCTLDump are comparing it to the libraries listed below
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks ☆413 · Jul 4, 2025 · Updated 8 months ago
- ☆30 · Oct 13, 2020 · Updated 5 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development ☆12 · Apr 14, 2024 · Updated last year
- Yet another windows internals repo ☆220 · Aug 29, 2021 · Updated 4 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it ☆164 · Jun 8, 2022 · Updated 3 years ago
- Debug Print viewer (user and kernel) ☆72 · Feb 7, 2024 · Updated 2 years ago
- Bindings for Microsoft WinDBG TTD ☆235 · Aug 5, 2023 · Updated 2 years ago
- Browse Page Tables on Windows (Page Table Viewer) ☆236 · Apr 2, 2022 · Updated 3 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers. ☆332 · Mar 26, 2024 · Updated last year
- Time Travel Debugging IDA plugin ☆596 · Jun 27, 2024 · Updated last year
- A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings. ☆230 · Oct 3, 2025 · Updated 5 months ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap ☆214 · Jul 2, 2020 · Updated 5 years ago
- Yet another variant of Process Hollowing ☆460 · Jul 31, 2025 · Updated 7 months ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine. ☆723 · Aug 5, 2020 · Updated 5 years ago
- ☆24 · Sep 26, 2021 · Updated 4 years ago
- ☆138 · Aug 3, 2021 · Updated 4 years ago
- ☆31 · Jan 12, 2022 · Updated 4 years ago
- Hook system calls on Windows by using Kaspersky's hypervisor ☆1,285 · Feb 14, 2026 · Updated last month
- A DTrace on Windows Reimplementation ☆372 · Mar 12, 2026 · Updated last week
- ☆14 · Jan 7, 2022 · Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate) ☆300 · Sep 28, 2021 · Updated 4 years ago
- Dump of win32k POCs for bugs I've found ☆380 · Mar 6, 2022 · Updated 4 years ago
- Some of my windows kernel exploits for learning purposes ☆137 · May 18, 2022 · Updated 3 years ago
- ☆119 · Aug 7, 2022 · Updated 3 years ago
- Experiments ☆479 · Oct 3, 2024 · Updated last year
- Windows NT x64 syscall fuzzer ☆634 · Feb 19, 2026 · Updated last month
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) ☆73 · Aug 11, 2023 · Updated 2 years ago
- Detect strange memory regions and DLLs ☆190 · Jan 20, 2022 · Updated 4 years ago
- ☆18 · Jul 4, 2019 · Updated 6 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers. ☆437 · Aug 22, 2018 · Updated 7 years ago
- A simple password-based PE encryptor for Windows 32-bit executables. ☆51 · Jan 9, 2025 · Updated last year
- Leaked Windows processes handles identification tool ☆290 · Mar 14, 2022 · Updated 4 years ago
- Reverse engineering mpengine.dll, using taviso's code as a reference ☆20 · Jun 30, 2022 · Updated 3 years ago
- Windows Common Log File System Driver POC ☆95 · Dec 21, 2021 · Updated 4 years ago
- Kernel shellcode injector ☆148 · Mar 23, 2021 · Updated 4 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV… ☆260 · Sep 1, 2022 · Updated 3 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. ☆663 · Jan 28, 2025 · Updated last year
- msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to … ☆220 · Dec 24, 2025 · Updated 2 months ago
- An IDA plugin that helps analyze modules that use COM ☆231 · Oct 10, 2025 · Updated 5 months ago