☆149 | Jun 5, 2023 | Updated 2 years ago
Alternatives and similar repositories for IOCTLDump
Users that are interested in IOCTLDump are comparing it to the libraries listed below
- Browse Page Tables on Windows (Page Table Viewer) | ☆234 | Apr 2, 2022 | Updated 3 years ago
- ☆30 | Oct 13, 2020 | Updated 5 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it | ☆164 | Jun 8, 2022 | Updated 3 years ago
- Bindings for Microsoft WinDBG TTD | ☆235 | Aug 5, 2023 | Updated 2 years ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks | ☆412 | Jul 4, 2025 | Updated 7 months ago
- Debug Print viewer (user and kernel) | ☆72 | Feb 7, 2024 | Updated 2 years ago
- Yet another windows internals repo | ☆212 | Aug 29, 2021 | Updated 4 years ago
- Time Travel Debugging IDA plugin | ☆592 | Jun 27, 2024 | Updated last year
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers. | ☆333 | Mar 26, 2024 | Updated last year
- A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings. | ☆226 | Oct 3, 2025 | Updated 4 months ago
- Repository of different kernel drivers written while studying Windows NT Driver development | ☆12 | Apr 14, 2024 | Updated last year
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine. | ☆722 | Aug 5, 2020 | Updated 5 years ago
- A simple password-based PE encryptor for Windows 32-bit executables. | ☆51 | Jan 9, 2025 | Updated last year
- ☆24 | Sep 26, 2021 | Updated 4 years ago
- ☆118 | Aug 7, 2022 | Updated 3 years ago
- Leaked Windows processes handles identification tool | ☆291 | Mar 14, 2022 | Updated 3 years ago
- Yet another variant of Process Hollowing | ☆458 | Jul 31, 2025 | Updated 7 months ago
- Hook system calls on Windows by using Kaspersky's hypervisor | ☆1,278 | Feb 14, 2026 | Updated 2 weeks ago
- Experiments | ☆478 | Oct 3, 2024 | Updated last year
- ☆153 | Jul 31, 2022 | Updated 3 years ago
- A DTrace on Windows Reimplementation | ☆369 | Feb 3, 2026 | Updated 3 weeks ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) | ☆73 | Aug 11, 2023 | Updated 2 years ago
- Windows Common Log File System Driver POC | ☆95 | Dec 21, 2021 | Updated 4 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap | ☆215 | Jul 2, 2020 | Updated 5 years ago
- Kernel shellcode injector | ☆148 | Mar 23, 2021 | Updated 4 years ago
- Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr… | ☆182 | Mar 10, 2022 | Updated 3 years ago
- ☆31 | Jan 12, 2022 | Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate) | ☆300 | Sep 28, 2021 | Updated 4 years ago
- Windows NT x64 syscall fuzzer | ☆634 | Feb 19, 2026 | Updated last week
- Detect strange memory regions and DLLs | ☆185 | Jan 20, 2022 | Updated 4 years ago
- A virtualization-based endpoint security solution for Windows | ☆88 | May 23, 2021 | Updated 4 years ago
- VT-based PCI device monitor (SPI) | ☆158 | Oct 29, 2020 | Updated 5 years ago
- Dump of win32k POCs for bugs I've found | ☆381 | Mar 6, 2022 | Updated 3 years ago
- An IDA plugin that helps analyze modules that use COM | ☆230 | Oct 10, 2025 | Updated 4 months ago
- ☆137 | Aug 3, 2021 | Updated 4 years ago
- Some of my windows kernel exploits for learning purposes | ☆137 | May 18, 2022 | Updated 3 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers. | ☆437 | Aug 22, 2018 | Updated 7 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. | ☆657 | Jan 28, 2025 | Updated last year
- ☆165 | Sep 18, 2021 | Updated 4 years ago