albertony / vssLinks
Volume Shadow Copy Service (VSS) utilities
☆82Updated last year
Alternatives and similar repositories for vss
Users that are interested in vss are comparing it to the libraries listed below
Sorting:
- Command line utility for copying files on NTFS using low level disk access☆36Updated last year
- A small tool that allows to run WinAPI functions through command line parameters☆200Updated 2 years ago
- Authenticode Hash Calculator for PE32/PE32+ files☆114Updated last month
- Run any executable as SYSTEM account (no service required)☆137Updated last year
- Work with eBPF on Windows☆42Updated 6 months ago
- Samples from my book Windows Native API programming☆74Updated 3 months ago
- Explore Kernel Objects on Windows☆223Updated 4 months ago
- ☆24Updated last month
- A mini filter driver development framework allows you to develop minit filter driver with different features.☆60Updated 4 months ago
- Windows Filtering Platform Explorer☆289Updated 7 months ago
- A collection of free miscellaneous Windows tools☆137Updated last month
- RPC Monitor tool based on Event Tracing for Windows☆370Updated last year
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆142Updated 3 years ago
- API Set Viewer☆92Updated 7 months ago
- A global injection and hooking example☆149Updated last year
- Youtube channel sample code☆54Updated 3 weeks ago
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 2 years ago
- Inject unsigned DLL into Protected Process Light (PPL)☆25Updated 3 months ago
- Runs programs as TrustedInstaller☆49Updated 6 years ago
- Remote Thread Detection with a Kernel Driver☆33Updated 7 months ago
- BITS Transfers Manager☆44Updated 3 months ago
- ☆203Updated 3 years ago
- Tool to convert SDDL to readable text☆41Updated 7 years ago
- View Windows System in action☆42Updated 3 weeks ago
- ☆83Updated 3 years ago
- A tabbed UI for Microsoft's Hyper-V☆221Updated last year
- Windows File Security Utility (replacement for xcacls, icacls, setacl, and subinacl)☆57Updated last year
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆144Updated 2 years ago
- Run Processes as PPL with ELAM☆167Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆188Updated 3 years ago