andrew-boyarshin / LoaderWatchLinks
Windows 10 PE image loader (LDR) NTDLL component toolbox
☆49Updated 5 years ago
Alternatives and similar repositories for LoaderWatch
Users that are interested in LoaderWatch are comparing it to the libraries listed below
Sorting:
- Standalone program to download PDB Symbol files for debugging without WDK☆76Updated 5 years ago
- A driver to intercept low level windows events☆61Updated 5 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆84Updated 4 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆87Updated 9 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- Miscellaneous Code and Docs☆81Updated last year
- Documenting system information classes and their uses☆51Updated 3 years ago
- ☆32Updated 6 years ago
- Import library generator for x86 PE files☆56Updated 6 years ago
- c++ implementation of windows heavens gate☆68Updated 4 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆108Updated 5 years ago
- A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.☆54Updated 5 years ago
- Debug Print viewer (user and kernel)☆66Updated last year
- An example of a client and server using Windows' ALPC functions to send and receive data.☆96Updated 4 months ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆142Updated 6 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- Parser for Microsoft Program Database (PDB) files☆76Updated 4 years ago
- Analyze PatchGuard☆57Updated 6 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆94Updated 6 years ago
- Implementation of a dispatcher for Structured Exceptions inside a Vectored Exception Handler☆41Updated 5 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆77Updated 14 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its func…☆59Updated 4 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆63Updated 12 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆60Updated 9 months ago
- ☆68Updated 4 years ago
- View handles and object for each object type☆64Updated 5 years ago