Some drivers I've written while solving exercises from Practical Reverse Engineering
☆15Jan 9, 2022Updated 4 years ago
Alternatives and similar repositories for Practical-Reverse-Engineering-Solutions
Users that are interested in Practical-Reverse-Engineering-Solutions are comparing it to the libraries listed below
Sorting:
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Anti-Analysis technique, trick the debugger by Hiding events from it.☆20Sep 6, 2021Updated 4 years ago
- Nightshade is a Windows Memory Manipluation library specifically for injecting DLLs and Game Hacking☆13Dec 12, 2022Updated 3 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆26Sep 29, 2022Updated 3 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆58Nov 16, 2021Updated 4 years ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆89Mar 16, 2021Updated 4 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Corsair LL Access driver abuse☆24Apr 16, 2021Updated 4 years ago
- NT AUTHORITY\SYSTEM☆43Jul 8, 2020Updated 5 years ago
- ☆25May 21, 2021Updated 4 years ago
- ☆38Nov 30, 2022Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Windows Kernel Programming☆133May 11, 2020Updated 5 years ago
- So you want to fix a raw .net file manually ? I got it!, Let's fix RVA and Sizes, Relocations, EP, IAT, Metadata Dir, Directory, BSJB, In…☆10Aug 8, 2022Updated 3 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 2 months ago
- ☆42Jul 1, 2022Updated 3 years ago
- Documenting system information classes and their uses☆56Oct 18, 2021Updated 4 years ago
- Some usefull info when reverse engineering Kernel Mode Anti-Cheat☆78Feb 20, 2023Updated 3 years ago
- CVE-2018-19320 LPE Exploit☆10Jun 19, 2023Updated 2 years ago
- VT Hook☆51Jul 2, 2024Updated last year
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Jul 9, 2021Updated 4 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆32May 18, 2022Updated 3 years ago
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- a method for undetectable breakpoints in 32-bit Windows programs☆13May 15, 2014Updated 11 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- Turbodiff is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binarie…☆14Sep 23, 2021Updated 4 years ago
- stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority/system☆12Jun 7, 2021Updated 4 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- ☆59Jun 8, 2022Updated 3 years ago
- ☆33Dec 22, 2020Updated 5 years ago
- LPC (Local Procedure Call) is a portion of Windows NT kernel, used for fast communication between threads or processes. It can be also us…☆15Mar 21, 2021Updated 4 years ago
- WinPools is an example of how Windows kernel big pool addresses can be leaking using NtQuerySystemInformation☆15Jun 23, 2019Updated 6 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆53Apr 7, 2022Updated 3 years ago
- Manually Mapped Windows Kernel Driver + Usermode API for Arbitrary R/W to UM process via a UM thread trapped in kernel, synchronized with…☆15Dec 23, 2020Updated 5 years ago