VergiliusProject / vergilius-project
This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially documented and cannot be found in Windows Driver Kit (WDK) headers. The target audience of this site is driver developers and kernel researchers.
☆223 Updated 2 weeks ago
Alternatives and similar repositories for vergilius-project
Users that are interested in vergilius-project are comparing it to the libraries listed below
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆237 Updated 6 years ago
- Research on Windows Kernel Executive Callback Objects ☆312 Updated 5 years ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks ☆394 Updated 4 months ago
- A library to develop kernel level Windows payloads for post HVCI era ☆466 Updated 4 years ago
- APC Internals Research Code ☆168 Updated 5 years ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution… ☆219 Updated 3 years ago
- Yet another windows internals repo ☆209 Updated 4 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M… ☆230 Updated 5 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers. ☆334 Updated last year
- Toy scripts for playing with WinDbg JS API ☆242 Updated last year
- Debugger Anti-Detection Benchmark ☆373 Updated 3 months ago
- Code Injection, Inject malicious payload via pagetables pml4. ☆242 Updated 4 years ago
- Advanced driver monitoring utility. ☆217 Updated 3 years ago
- An IDA Plugin that help analyzing module that use COM ☆228 Updated last month
- Analyze patches in a process ☆258 Updated 4 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code ☆208 Updated 4 years ago
- A collection of various vulnerable (mostly physical memory exposing) drivers. ☆419 Updated 3 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. ☆623 Updated 9 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays). ☆157 Updated last year
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA. ☆155 Updated last year
- BYOVD: Loading dbk64.sys and grabbing a handle to it ☆160 Updated 3 years ago
- This is a collection of interesting codes about Windows Process creation. ☆239 Updated last year
- A modern c++ implementation of windows heavens gate ☆238 Updated 5 years ago
- IDA Pro plugin to make bitfield accesses easier to grep ☆248 Updated 3 months ago
- ☆148 Updated 2 years ago
- A collection of themes based on pastel colors, created for reverse engineers ☆152 Updated 7 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆255 Updated 3 years ago
- ☆164 Updated 4 years ago
- Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr… ☆182 Updated 3 years ago
- A Windows kernel dump C++ parser library with Python 3 bindings. ☆211 Updated last month