ajkhoury / Windbg2Struct
Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure
☆35Updated 9 months ago
Alternatives and similar repositories for Windbg2Struct:
Users that are interested in Windbg2Struct are comparing it to the libraries listed below
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- Analyze PatchGuard☆58Updated 6 years ago
- ☆45Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆55Updated 5 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible☆16Updated 3 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆50Updated 6 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Shareds for kernel developement☆28Updated 11 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆57Updated 4 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- Polymorphic Stub Creator☆33Updated 7 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Figuring out the cause of a handle downgrade☆24Updated 2 years ago
- This is a simple driver with x64 inline assembly☆54Updated 4 years ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆49Updated 4 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆31Updated 7 years ago
- A research project about Windows notify routines.☆35Updated 4 years ago
- clone of armadillo patched for windows☆47Updated 6 months ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.☆23Updated 8 years ago
- ☆68Updated 4 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆75Updated 14 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 10 years ago
- 大表哥的Syscall-Monitor☆34Updated 5 years ago
- POC of sysenter x64 LSTAR MSR hook☆39Updated 10 years ago
- win32/x64 obfuscate framework☆32Updated 6 years ago
- ☆34Updated 4 years ago