☆51Apr 13, 2020Updated 5 years ago
Alternatives and similar repositories for WindowsKernelProgramming-Exercises
Users that are interested in WindowsKernelProgramming-Exercises are comparing it to the libraries listed below
- ☆10Aug 16, 2019Updated 6 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Jul 7, 2020Updated 5 years ago
- Microsoft Edge Microsoft Edge homepage algorithm☆20Apr 15, 2019Updated 6 years ago
- ShellcodeVM☆15Jun 20, 2016Updated 9 years ago
- Detect the SCI in windows.☆11Mar 23, 2017Updated 8 years ago
- ☆138Nov 24, 2025Updated 3 months ago
- ☆15Jun 13, 2025Updated 8 months ago
- POC for a race condition exploit using directory junctions in Windows☆17Apr 26, 2020Updated 5 years ago
- ☆27Aug 25, 2020Updated 5 years ago
- Anti-virus engine in Windows using VC++ 6.0 and MFC. We applied windows multithreading in virus scan method and user interface. Using MFC…☆16Oct 21, 2016Updated 9 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆65Jun 19, 2019Updated 6 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Rekall Memory Forensic Framework☆33Aug 5, 2019Updated 6 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.☆431May 22, 2020Updated 5 years ago
- Simple reverse shell over Slack☆57Apr 18, 2021Updated 4 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆111Apr 20, 2021Updated 4 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Apr 7, 2018Updated 7 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- Windows system repair tool☆18Jun 2, 2021Updated 4 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- Exploiting CPU-Z Driver To Turn Load Unsigned Drivers☆131Aug 10, 2017Updated 8 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Jul 18, 2018Updated 7 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- a c++ implementation of ntlm☆23Jan 24, 2018Updated 8 years ago
- Source files for my posts☆17Jun 20, 2023Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆108Jan 3, 2021Updated 5 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆110Apr 24, 2020Updated 5 years ago
- windows rpc: implementing HelloWorld using MIDL+RPC☆23Mar 21, 2018Updated 7 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆19Nov 20, 2020Updated 5 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- PoC demonstrating the use of cve-2020-1034 for privilege escalation☆126Mar 16, 2021Updated 4 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆150Sep 16, 2020Updated 5 years ago
- ☆24Aug 30, 2019Updated 6 years ago
- ☆19Nov 26, 2020Updated 5 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Dec 14, 2018Updated 7 years ago
- fork HoShiMin Avanguard☆20Sep 29, 2018Updated 7 years ago