Toroto006 / windows-kernel-driver-pipelineLinks
This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help security researcher in evaluating and uncovering vulnerabilities.
☆20Updated 7 months ago
Alternatives and similar repositories for windows-kernel-driver-pipeline
Users that are interested in windows-kernel-driver-pipeline are comparing it to the libraries listed below
Sorting:
- Generate a PDB file given the old PDB file and an address mapping☆48Updated 3 months ago
- Elevate arbitrary MSR writes to kernel execution.☆36Updated last year
- Disassembler for Zeus VM custom instruction set☆28Updated last year
- Lightweight PDB symbol parser and resolver☆25Updated 7 months ago
- IFL - Interactive Functions List (plugin for Binary Ninja)☆24Updated 11 months ago
- Custom instruction length for hex-rays☆18Updated 5 months ago
- ☆29Updated 3 years ago
- PDB Rewriting Rust Library☆24Updated last year
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆40Updated 7 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆35Updated last year
- A driver to implement IOCTL hooking☆24Updated 3 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 10 months ago
- Example of building an application verifer DLL☆46Updated last year
- ☆21Updated 4 months ago
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆16Updated last month
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆47Updated 3 years ago
- Symbolic Execution based on lifting amd64 to z3☆27Updated 11 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆124Updated 2 weeks ago
- x86-64 user mode emulation using Zydis☆47Updated 5 months ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆23Updated 3 years ago
- Plugin for x64dbg to disable parallel loading of dependencies☆19Updated 2 years ago
- Binary Ninja plugin for automating VMProtect analysis☆61Updated 2 years ago
- x86-64 Automated test data generator☆22Updated 5 months ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆38Updated 3 years ago
- Plugin interface for remote communications with Binary Ninja database and MCP server for interfacing with LLMs.☆37Updated last month
- ☆16Updated 2 years ago
- ☆15Updated 2 years ago
- Me fockin' pe protector☆45Updated 2 years ago
- Python bindings for the Icicle emulator.☆35Updated 2 months ago