Windows Kernel Programming Experiments
☆84Sep 18, 2022Updated 3 years ago
Alternatives and similar repositories for wkpe
Users that are interested in wkpe are comparing it to the libraries listed below
Sorting:
- Windows System Programming Experiments☆222Jun 13, 2022Updated 3 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆25Aug 9, 2024Updated last year
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Jan 21, 2023Updated 3 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- Call NtCreateUserProcess directly as normal.☆77May 17, 2022Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆234Apr 2, 2022Updated 3 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆62Jan 29, 2026Updated last month
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.☆94Apr 17, 2022Updated 3 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Aug 11, 2023Updated 2 years ago
- Load your driver like win32k.sys☆258Aug 20, 2022Updated 3 years ago
- ☆59Jun 8, 2022Updated 3 years ago
- ☆153Jul 31, 2022Updated 3 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)☆62Aug 11, 2023Updated 2 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆223Aug 12, 2022Updated 3 years ago
- Lenovo Diagnostics Driver EoP - Arbitrary R/W☆177Dec 5, 2022Updated 3 years ago
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆209Feb 29, 2024Updated 2 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- ☆17Apr 18, 2023Updated 2 years ago
- A thin introspection hypervisor framework that allows for low level resource manipulation.☆12Jan 27, 2024Updated 2 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆38May 12, 2022Updated 3 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Apr 13, 2023Updated 2 years ago
- Load Dll into Kernel space☆40Aug 23, 2022Updated 3 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆113May 16, 2022Updated 3 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Aug 11, 2023Updated 2 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- ☆81Dec 24, 2021Updated 4 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Aug 11, 2023Updated 2 years ago