Whitebird0 / Windows-kernel-learning-notes
☆18Updated 3 years ago
Alternatives and similar repositories for Windows-kernel-learning-notes
Users that are interested in Windows-kernel-learning-notes are comparing it to the libraries listed below
Sorting:
- Exploit vulnerabilities in NeacSafe64.sys to achieve privilege escalation and kernel-mode shellcode execution☆9Updated last month
- 利用物理内存映射,实现虚拟内存的伪隐藏☆83Updated 2 years ago
- 一个windows内核驱动分析框架,对内核所有导出函数进行挂钩监控☆38Updated last week
- 非编译时代码混淆,包括代码块拆分、代码乱序、常量加密、代码变异、抹除jcc、局部混淆等,主要提供框架以及思路☆31Updated 2 years ago
- 《Windows 内核安全编程技术实践》 系列丛书,探索 Anti RootKit 反内核工具核心原理与技术实现细节。☆59Updated 2 years ago
- 收集常用windows版本内核文件☆32Updated last year
- Win7内核私有符号结构转储☆67Updated 3 years ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆61Updated 2 months ago
- 大数字驱动逆向代码☆71Updated last year
- https://key08.com/index.php/2021/10/19/1375.html☆67Updated 3 years ago
- 滴水中级内核学习☆31Updated 2 years ago
- ida提取特征码脚本☆55Updated 5 years ago
- Hook NtDeviceIoControlFile with PatchGuard☆106Updated 3 years ago
- 一款64位Exe程序动态追踪执行流程以及保存信息的工具☆46Updated 6 months ago
- ☆27Updated last year
- ☆52Updated 2 years ago
- Enum and Remove Hook in Windows☆38Updated this week
- windwos内核研究与驱动Code☆64Updated 3 years ago
- A poc of embedding x64 code into x86 PE file☆18Updated 5 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆94Updated 2 years ago
- 过TP驱动☆29Updated 5 years ago
- 无痕注入1☆76Updated 3 years ago
- ☆81Updated 4 years ago
- 不使用3环挂钩进行DWM桌面绘制☆80Updated 3 years ago
- 内存加载DLL 支持X86和X64(Memory PELoader Support X86 and X64)☆33Updated last year
- VT Hook☆46Updated 10 months ago
- 简单安排一下 autochk.sys 这个rootkit☆71Updated 2 years ago
- 远程注入无导入函数dll,自动重定位以后内存加载dll☆45Updated 6 years ago
- 《Windows内核编程》学习☆57Updated 4 years ago
- ☆68Updated 3 years ago