alex-ilgayev / windbg-kernel-debug-cheat-sheet

Related projects ⓘ

Alternatives and complementary repositories for windbg-kernel-debug-cheat-sheet

• zeze-zeze / ioctlance
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆163Updated 10 months ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆85Updated 2 years ago
• jk45054 / CTF-writeups
  Writeups for CTF challenges
  ☆30Updated last year
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆115Updated 2 months ago
• waleedassar / SimpleNTSyscallFuzzer
  ☆132Updated 9 months ago
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆180Updated 3 weeks ago
• carlos-al / user-kernel-syscall-hook
  ☆82Updated 5 months ago
• tandasat / hvext
  The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.
  ☆130Updated last month
• yardenshafir / IoRingReadWritePrimitive
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆221Updated 2 years ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆93Updated last year
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆110Updated 4 months ago
• 0vercl0k / symbolizer-rs
  A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.
  ☆84Updated last month
• hasherezade / pe_unmapper
  Small tool to convert beteween the PE alignments (raw and virtual).
  ☆81Updated last year
• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆148Updated 10 months ago
• ucsb-seclab / popkorn-artifact
  ☆59Updated 2 years ago
• N0fix / rust-std-sigs
  ☆12Updated 4 months ago
• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆123Updated 2 years ago
• waleedassar / RestrictedKernelLeaks
  ☆154Updated 3 years ago
• idiom / stackstack
  ☆31Updated 2 years ago
• 0vercl0k / snapshot
  WinDbg extension written in Rust to dump the CPU / memory state of a running VM
  ☆111Updated 2 weeks ago
• gabriellandau / ItsNotASecurityBoundary
  ☆142Updated 3 months ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆107Updated last year
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆126Updated 7 months ago
• Bw3ll / ROP_ROCKET
  ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…
  ☆111Updated 2 months ago
• TakahiroHaruyama / VDR
  Vulnerable driver research tool, result and exploit PoCs
  ☆181Updated last year
• ionescu007 / clfs-docs
  Unofficial Common Log File System (CLFS) Documentation
  ☆164Updated 3 years ago
• zer0condition / ZeroHVCI
  Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…
  ☆178Updated 3 weeks ago
• struppigel / hedgehog-tools
  ☆111Updated last week
• kkent030315 / Van1338
  A journal for $6,000 Riot Vanguard bounty.
  ☆57Updated last year
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆115Updated last year