XShar / Windows_Kernel_Programming
Windows Kernel Programming (Обзорный перевод книги)
☆55Updated 4 years ago
Alternatives and similar repositories for Windows_Kernel_Programming:
Users that are interested in Windows_Kernel_Programming are comparing it to the libraries listed below
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- Скрытие строки от отладчиков и декомпиляторов☆50Updated 5 years ago
- fix vmprotect import function used unicorn-engine.☆92Updated last year
- Resolve DOS MZ executable symbols at runtime☆96Updated 3 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆55Updated 3 years ago
- ☆58Updated 2 years ago
- LSASS INJECTOR☆34Updated 6 years ago
- This utility allows you to lock every available memory regions of an arbitrary process into its working set.☆67Updated last year
- win10 pgContext dynamic dump (btc version)☆105Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆50Updated 4 years ago
- ☆123Updated 4 years ago
- x64 syscall caller in C++.☆86Updated 6 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆57Updated 3 years ago
- Obfuscate calls to imports by patching in stubs☆66Updated 3 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆39Updated 2 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆139Updated 2 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆200Updated 3 years ago
- Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v…☆52Updated last year
- Sample project for kernel debugging automation with Vagrant☆59Updated 4 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 6 months ago
- Rootkit & Anti-rootkit☆39Updated last year
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆108Updated 6 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆62Updated last year
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆75Updated 14 years ago
- exploit termdd.sys(support kb4499175)☆57Updated 5 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆51Updated 5 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆103Updated 3 years ago
- ☆67Updated 4 years ago