ajkhoury / Windbg2StructLinks
Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure
☆35Updated 11 months ago
Alternatives and similar repositories for Windbg2Struct
Users that are interested in Windbg2Struct are comparing it to the libraries listed below
Sorting:
- Analyze PatchGuard☆58Updated 6 years ago
- Shareds for kernel developement☆28Updated 11 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible☆16Updated 3 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- ☆46Updated 4 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- ☆68Updated 4 years ago
- Figuring out the cause of a handle downgrade☆24Updated 2 years ago
- POC of sysenter x64 LSTAR MSR hook☆39Updated 10 years ago
- Windows sandbox PoC☆31Updated 5 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆51Updated 6 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Polymorphic Stub Creator☆33Updated 8 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Updated 5 years ago
- This is a simple driver with x64 inline assembly☆56Updated 4 years ago
- win32/x64 obfuscate framework☆32Updated 6 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆32Updated 7 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆60Updated 6 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆78Updated 14 years ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 4 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 7 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 11 years ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- ☆35Updated 4 years ago