XShar / Windows_Kernel_ProgrammingLinks
Windows Kernel Programming (Обзорный перевод книги)
☆58Updated 4 years ago
Alternatives and similar repositories for Windows_Kernel_Programming
Users that are interested in Windows_Kernel_Programming are comparing it to the libraries listed below
Sorting:
- An example of how x64 kernel shellcode can dynamically find and use APIs☆107Updated 5 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆63Updated 6 years ago
- This utility allows you to lock every available memory regions of an arbitrary process into its working set.☆70Updated 2 years ago
- win10 pgContext dynamic dump (btc version)☆107Updated 5 years ago
- PoC for hiding PE exports☆67Updated 4 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers…☆70Updated 3 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆179Updated 7 years ago
- This is a place to share my miscellaneous projects.☆114Updated 5 years ago
- Скрытие строки от отладчиков и декомпиляторов☆51Updated 5 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated 2 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆110Updated 7 years ago
- obfacros - a set of C++ macros that can be used to obfuscate your c/c++ code, to make executables harder for reverse-engineering.☆46Updated 6 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Updated 3 years ago
- This is a simple driver with x64 inline assembly☆57Updated 5 years ago
- LSASS INJECTOR☆35Updated 6 years ago
- ntoskrnl symbol pdb and undocument structures☆25Updated 7 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆57Updated 3 years ago
- ☆21Updated 8 years ago
- ☆55Updated 8 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆79Updated 6 years ago
- Kernel shellcode injector☆145Updated 4 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆36Updated last year
- ☆47Updated 5 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆47Updated 5 years ago
- Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v…☆61Updated last year
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆52Updated 4 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆74Updated last year
- Rootkit & Anti-rootkit☆41Updated last year