ayoubfaouzi/windows-exploitation external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ayoubfaouzi/windows-exploitation

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ayoubfaouzi/windows-exploitation)

Close

ayoubfaouzi / windows-exploitationView on GitHubMore

• External links
• Readme badge

My notes while studying Windows exploitation

☆191Mar 27, 2026Updated last month

Alternatives and similar repositories for windows-exploitation

Users that are interested in windows-exploitation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ayoubfaouzi / windows-internals

  View on GitHub
  My notes while studying Windows internals
  ☆462Mar 27, 2026Updated last month
• ayoubfaouzi / linux-kernel

  View on GitHub
  Linux kernel internals' notes
  ☆21Feb 12, 2026Updated 3 months ago
• ayoubfaouzi / cpu-internals

  View on GitHub
  Intel / AMD CPU Internals
  ☆1,193Apr 14, 2026Updated last month
• connormcgarr / An-Intro-2-Win-ED

  View on GitHub
  "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …
  ☆40Apr 17, 2020Updated 6 years ago
• xsh3llsh0ck / PicoHook

  View on GitHub
  Small driver that uses alternative syscalls feature
  ☆18May 9, 2024Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆242Nov 6, 2019Updated 6 years ago
• FaEryICE / MemScanner

  View on GitHub
  Analyze Windows x64 Kernel Memory Layout
  ☆131Nov 19, 2020Updated 5 years ago
• Deputation / syscall_extractor

  View on GitHub
  A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.
  ☆21May 25, 2021Updated 4 years ago
• noct-ml / kerneldetective

  View on GitHub
  Kernel Detective
  ☆154Mar 7, 2026Updated 2 months ago
• lem0nSec / ASM_World

  View on GitHub
  Offensive Assembly code snippets.
  ☆13Jul 12, 2023Updated 2 years ago
• sam-b / windows_kernel_address_leaks

  View on GitHub
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆639Jul 7, 2017Updated 8 years ago
• HoShiMin / Avanguard

  View on GitHub
  The Win32 Anti-Intrusion Library
  ☆213May 30, 2019Updated 6 years ago
• SinaKarvandi / Process-Magics

  View on GitHub
  This is a collection of interesting codes about Windows Process creation.
  ☆239Jan 12, 2024Updated 2 years ago
• in12hacker / VT_64_EPT

  View on GitHub
  createfile
  ☆48Oct 27, 2015Updated 10 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆245Sep 26, 2023Updated 2 years ago
• Kr0ff / WinMalDev

  View on GitHub
  Various methods of executing shellcode
  ☆74Mar 27, 2023Updated 3 years ago
• alexvogt91 / Kernel-dll-injector

  View on GitHub
  Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module
  ☆421Sep 9, 2018Updated 7 years ago
• MiroKaku / Nt-Modules

  View on GitHub
  Collect different versions of Crucial modules.
  ☆147Jul 11, 2024Updated last year
• hasherezade / process_chameleon

  View on GitHub
  A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
  ☆98Jun 24, 2021Updated 4 years ago
• AdamOron / PatchGuardBypass

  View on GitHub
  Bypassing PatchGuard on modern x64 systems
  ☆268Apr 9, 2023Updated 3 years ago
• adrianyy / nasm_shellcode

  View on GitHub
  NASM listing to shellcode converter
  ☆14May 6, 2018Updated 8 years ago
• wbenny / EtwConsumerNT

  View on GitHub
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆147Feb 23, 2019Updated 7 years ago
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• BeaEngine / lde64

  View on GitHub
  LDE64 (relocatable) source code
  ☆103Jun 24, 2015Updated 10 years ago
• OSRDrivers / kmexts

  View on GitHub
  Simple driver to register all available process, thread, image, Registry, and Object callbacks
  ☆123Oct 5, 2017Updated 8 years ago
• shaygitub / windows-rootkit

  View on GitHub
  windows rootkit
  ☆61May 2, 2024Updated 2 years ago
• jxy-s / vfdynf

  View on GitHub
  Application Verifier Dynamic Fault Injection
  ☆42Jan 12, 2026Updated 4 months ago
• h4xu3lyn / FuckPg

  View on GitHub
  Analysing and defeating PatchGuard universally
  ☆34Nov 4, 2020Updated 5 years ago
• zhuhuibeishadiao / MiniVTx64

  View on GitHub
  Intel Virtualization Technology demo
  ☆71Oct 15, 2016Updated 9 years ago
• namazso / MagicSigner

  View on GitHub
  Signtool for expired certificates
  ☆519Jun 10, 2023Updated 2 years ago
• JKornev / DLib-Attacher

  View on GitHub
  Simple program for static hooking dynamic libraries in executable application
  ☆24Jan 15, 2014Updated 12 years ago
• 0xcpu / ExecutiveCallbackObjects

  View on GitHub
  Research on Windows Kernel Executive Callback Objects
  ☆317Feb 22, 2020Updated 6 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• WKL-Sec / StackMask

  View on GitHub
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆68May 2, 2023Updated 3 years ago
• x0reaxeax / PageSplit

  View on GitHub
  Splitting and executing shellcode across multiple pages
  ☆105Jun 8, 2023Updated 2 years ago
• zhuhuibeishadiao / PFHook

  View on GitHub
  Page fault hook use ept (Intel Virtualization Technology)
  ☆200Oct 19, 2016Updated 9 years ago
• JKornev / NTlib

  View on GitHub
  Static library and headers for linking your software with ntdll.dll
  ☆38Dec 16, 2019Updated 6 years ago
• Cr4sh / PTBypass-PoC

  View on GitHub
  Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
  ☆81Jan 24, 2011Updated 15 years ago
• susMdT / fictional-invention

  View on GitHub
  idk man this was the default github name
  ☆35Apr 23, 2023Updated 3 years ago
• matthieu-hackwitharts / Win32_Offensive_Cheatsheet

  View on GitHub
  Win32 and Kernel abusing techniques for pentesters
  ☆978Sep 3, 2023Updated 2 years ago