VergiliusProject / vergilius-project
This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially documented and cannot be found in Windows Driver Kit (WDK) headers. The target audience of this site is driver developers and kernel researchers.
☆161 · Updated 5 months ago
Related projects
Alternatives and complementary repositories for vergilius-project
- Research on Windows Kernel Executive Callback Objects ☆278 · Updated 4 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆206 · Updated 5 years ago
- A library to develop kernel level Windows payloads for post HVCI era ☆366 · Updated 3 years ago
- APC Internals Research Code ☆158 · Updated 4 years ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution… ☆196 · Updated 2 years ago
- IDA Pro plugin to make bitfield accesses easier to grep ☆229 · Updated 7 months ago
- A more stealthy variant of "DLL hollowing" ☆337 · Updated 8 months ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks ☆326 · Updated 3 weeks ago
- Yet another windows internals repo ☆205 · Updated 3 years ago
- Code Injection, Inject malicious payload via pagetables pml4. ☆226 · Updated 3 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it ☆149 · Updated 2 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M… ☆219 · Updated 4 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code ☆196 · Updated 3 years ago
- Header only wrapper around Hex-Rays API in C++20. ☆151 · Updated 2 years ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays). ☆115 · Updated 2 months ago
- Browse Page Tables on Windows (Page Table Viewer) ☆185 · Updated 2 years ago
- Set of antianalysis techniques found in malware ☆129 · Updated last year
- A collection of themes based on pastel colors, created for reverse engineers ☆114 · Updated 4 years ago
- Toy scripts for playing with WinDbg JS API ☆220 · Updated 4 months ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+. ☆124 · Updated last year
- Hyper-V Research is trendy now ☆172 · Updated 6 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. ☆549 · Updated last month
- This is a collection of interesting codes about Windows Process creation. ☆230 · Updated 10 months ago
- Debugger Anti-Detection Benchmark ☆291 · Updated 11 months ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level … ☆123 · Updated 2 years ago
- Resolve DOS MZ executable symbols at runtime ☆93 · Updated 3 years ago