Whitebird0 / Windows-kernel-learning-notesLinks
☆17Updated 3 years ago
Alternatives and similar repositories for Windows-kernel-learning-notes
Users that are interested in Windows-kernel-learning-notes are comparing it to the libraries listed below
Sorting:
- 利用物理内存映射,实现虚拟内存的伪隐藏☆83Updated 3 years ago
- 一个windows内核驱动分析框架,对内核所有导出函数进行挂钩监控☆62Updated 2 months ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆62Updated last month
- Win7内核私有符号结构转储☆69Updated 4 years ago
- 收集常用windows版本内核文件☆34Updated 2 years ago
- 大数字驱动逆向代码☆74Updated last year
- 无痕注入1☆75Updated 4 years ago
- ☆53Updated 2 years ago
- Enum and Remove Hook in Windows☆39Updated last week
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆96Updated 2 years ago
- 《Windows内核编程》学习☆61Updated 4 years ago
- 不使用3环挂钩进行DWM桌面绘制☆79Updated 3 years ago
- A simple python script to check evil Visual Studio projects☆20Updated last year
- 过TP驱动☆28Updated 5 years ago
- VT Hook☆47Updated last year
- Hook NtDeviceIoControlFile with PatchGuard☆108Updated 3 years ago
- ☆46Updated last year
- https://key08.com/index.php/2021/10/19/1375.html☆71Updated 3 years ago
- Anti-Rootkit & System kernel management tool☆34Updated this week
- 之前学习X64VT写的代码,很多坑,但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...☆70Updated 4 years ago
- 保护进程☆23Updated 2 years ago
- etw hook (syscall/infinity hook) compatible with the latest Windows version of PG☆19Updated last year
- 驱动加载器 -> 利用iqvw64e.sys映射驱动☆55Updated 5 years ago
- Free(or force?)file and delete it☆11Updated 6 years ago
- Session0注入: 用于实现对系统进程的远程线程注入☆14Updated 2 years ago
- ☆21Updated 6 years ago
- 一款64位Exe程序动态追踪执行流程以及保存信息的工具☆51Updated 11 months ago
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆180Updated 3 years ago
- 自写驱动内存注入☆28Updated 4 years ago
- sc4cpp is a shellcode framework based on C++☆92Updated 4 years ago