cristeigabriela / re-sysinternals-suiteLinks
Code from process of reversing Sysinternals Suite for educational purposes, with videos to associate them
☆48Updated 2 years ago
Alternatives and similar repositories for re-sysinternals-suite
Users that are interested in re-sysinternals-suite are comparing it to the libraries listed below
Sorting:
- Hook all callbacks which are registered with LdrRegisterDllNotification☆88Updated 4 months ago
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated 2 years ago
- An x64dbg plugin which marks XFG call signatures as data☆77Updated 2 years ago
- Windows kernel driver template for cmkr and llvm-msvc.☆35Updated last year
- SetWinEventHook Sample☆48Updated last year
- ☆71Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆108Updated 2 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Updated last year
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated 2 years ago
- Integration of Microsoft Warbird with the MSVC compiler☆111Updated 2 years ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated 3 weeks ago
- A post-processing script for TinyTracer☆37Updated 2 years ago
- monitors hidden syscalls called from call of duty anticheat☆82Updated 7 months ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆125Updated 6 months ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆34Updated 3 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆68Updated 2 years ago
- Signature finder (from PE-bear)☆37Updated 4 months ago
- ☆114Updated 3 years ago
- Elevate arbitrary MSR writes to kernel execution.☆38Updated last year
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆71Updated 4 months ago
- Easy encrypt/decrypt data with TPM☆25Updated last year
- ☆26Updated 2 years ago
- Simple, fast and lightweight Header-Only C++ Assembler Library☆112Updated last week
- Remote Thread Detection with a Kernel Driver☆33Updated 7 months ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆66Updated 11 months ago
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆75Updated 2 months ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆52Updated 7 months ago
- ☆15Updated last year
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).☆42Updated 4 months ago