Whitebird0/Windows-kernel-learning-notes external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Whitebird0/Windows-kernel-learning-notes

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Whitebird0/Windows-kernel-learning-notes)

Close

Whitebird0 / Windows-kernel-learning-notesView on GitHubMore

• External links
• Readme badge

☆17Apr 9, 2022Updated 3 years ago

Alternatives and similar repositories for Windows-kernel-learning-notes

Users that are interested in Windows-kernel-learning-notes are comparing it to the libraries listed below

• Nitr0-G / DriverLoader

  View on GitHub
  it's a driver injector or driver loader header lib(Windows)
  ☆12Aug 5, 2023Updated 2 years ago
• kanren3 / DllInject

  View on GitHub
  DllInject (Memory Load)
  ☆11Jan 5, 2019Updated 7 years ago
• huafuge / MemoryLoadDll

  View on GitHub
  内存加载DLL 支持VMP最大加密
  ☆12Aug 11, 2020Updated 5 years ago
• SimonZhong2025 / Waste-Self-Rescue-Scheme

  View on GitHub
  废物自救项目！一起向光而行！！！
  ☆11May 7, 2022Updated 3 years ago
• Whitebird0 / drip-Reverse

  View on GitHub
  滴水逆向笔记
  ☆32Mar 10, 2022Updated 3 years ago
• londscape / cs2-simple-esp

  View on GitHub
  simple undetect esp
  ☆12Mar 19, 2024Updated last year
• Dy-Baby / PageTableHook

  View on GitHub
  ☆17Dec 18, 2022Updated 3 years ago
• MahmoudZohdy / IAT-Obfuscation

  View on GitHub
  IAT-Obfuscation to make static analysis of executable harder.
  ☆44Sep 6, 2021Updated 4 years ago
• RSSU-Shellcode / Gleam-RT

  View on GitHub
  A runtime for developing large-scale and complex shellcode.
  ☆22Feb 15, 2026Updated last week
• hackflame / winx64HookLib

  View on GitHub
  x64HOOK库
  ☆18Jan 14, 2020Updated 6 years ago
• alfarom256 / PebLdr

  View on GitHub
  ☆15Dec 16, 2020Updated 5 years ago
• mFallW1nd / deflat

  View on GitHub
  a deflat script using unicorn engine
  ☆43Oct 23, 2022Updated 3 years ago
• threatexpert / atrk-win

  View on GitHub
  针对windows rootkit的一些检测，分别从进程、端口、文件这三个方面进行检测。
  ☆21Jan 16, 2025Updated last year
• Sentient111 / StealingSignatures

  View on GitHub
  Stealing signatures from pe files
  ☆15Apr 1, 2025Updated 10 months ago
• wlingze / golang_rev

  View on GitHub
  A simple golang reverse engineering ida plugin
  ☆19Dec 16, 2020Updated 5 years ago
• wanttobeno / KProtect

  View on GitHub
  Driver protect 驱动保护
  ☆46Apr 23, 2020Updated 5 years ago
• 1401199262 / Protect_Process

  View on GitHub
  ☆117Feb 11, 2022Updated 4 years ago
• deprecate1 / MySpy

  View on GitHub
  Yet-Another-Spy
  ☆19Apr 21, 2017Updated 8 years ago
• BobH233 / BobHWinDriver

  View on GitHub
  A simple Windows kernel driver containing MemRead/Write, KillProcess, I/O Call...
  ☆24Aug 27, 2019Updated 6 years ago
• Sentient111 / ClearDriverTraces

  View on GitHub
  clearing traces of a loaded driver
  ☆47Jul 2, 2022Updated 3 years ago
• dybb8999 / DriverTool

  View on GitHub
  一个可以帮助你进行Windows驱动开发和分析的工具。
  ☆46Jun 13, 2021Updated 4 years ago
• Oxygen1a1 / InfinityHookClass

  View on GitHub
  EtwHook for win7-win11;
  ☆23Sep 13, 2022Updated 3 years ago
• Dy-Baby / ImGUI-Advanced-Cheat-Menu

  View on GitHub
  ☆24Oct 25, 2022Updated 3 years ago
• ninecents / MyOpen

  View on GitHub
  我的开源：讲解anything
  ☆20Nov 7, 2020Updated 5 years ago
• TimelifeCzy / kHypervisorBasic

  View on GitHub
  VT Hook
  ☆51Jul 2, 2024Updated last year
• skrandy / ProtectYourProcess

  View on GitHub
  保护进程
  ☆24Apr 4, 2023Updated 2 years ago
• XAGU / Driver-Learning

  View on GitHub
  学习windows驱动相关
  ☆23Jul 31, 2019Updated 6 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• Hex0ffset / ceserver-pcileech

  View on GitHub
  A Cheat Engine server for DMA based memory access using PCILeech
  ☆24May 17, 2024Updated last year
• Kerrbty / RemoteLoadDll

  View on GitHub
  远程注入无导入函数dll，自动重定位以后内存加载dll
  ☆49Apr 27, 2019Updated 6 years ago
• wanttobeno / BypaPH

  View on GitHub
  BypaPH - Process Hacker's bypass (read/write any process virtual memory & kernel mem) 带签名驱动，驱动级内存读取
  ☆23Sep 3, 2020Updated 5 years ago
• PShocker / de-ollvm

  View on GitHub
  IDA Python Script for anti ollvm
  ☆107Aug 25, 2021Updated 4 years ago
• Yyyyshen / WindowsKernelPrograming

  View on GitHub
  《Windows内核编程》学习
  ☆62Feb 23, 2021Updated 5 years ago
• 1401199262 / MemoryVirtualization

  View on GitHub
  ☆174Mar 9, 2022Updated 3 years ago
• Broihon / StartRoutine

  View on GitHub
  A library with four different methods to execute shellcode in a process
  ☆26Mar 24, 2020Updated 5 years ago
• bode135 / CF-Flying

  View on GitHub
  CF手游飞天、高跳功能，Python实现，特征码定位地址，雷电模拟器版本
  ☆26Mar 29, 2020Updated 5 years ago
• FiYHer / kdmapper

  View on GitHub
  驱动加载器 -> 利用iqvw64e.sys映射驱动
  ☆56Jul 23, 2020Updated 5 years ago
• IcEy-999 / Ntoskrnl_Viewer

  View on GitHub
  可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。
  ☆109Sep 1, 2022Updated 3 years ago
• yjugl / mitimon

  View on GitHub
  Monitor ETW events for Windows process mitigation policies, with stack traces
  ☆31Oct 7, 2022Updated 3 years ago