dmaivel / ntoseye
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
☆57 Updated 3 weeks ago
Related projects
Alternatives and complementary repositories for ntoseye
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM ☆112 Updated 2 weeks ago
- Report and exploit of CVE-2023-36427 ☆87 Updated 11 months ago
- Report and exploit of CVE-2024-21305. ☆30 Updated 10 months ago
- Windows KASLR bypass using prefetch side-channel ☆68 Updated 6 months ago
- Sample/PoC Windows kernel driver for detecting DMA devices by using Vendor ID and Device ID signatures ☆30 Updated last month
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries. ☆84 Updated last month
- A journal for $6,000 Riot Vanguard bounty. ☆57 Updated last year
- PyKD DLLs for x86 and x64 platforms ☆14 Updated last year
- Control-Flow Graph (CFG) Visualizer for VSCode ☆35 Updated this week
- call gates as stable communication channel for NT x86 and Linux x86_64 ☆30 Updated last year
- PEIM (UEFI) bootkit targeting OVMF (EDK2) ☆33 Updated 11 months ago
- Example of building an application verifier DLL ☆44 Updated 5 months ago
- ☆25 Updated 3 weeks ago
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger. ☆33 Updated 3 months ago
- An x64dbg plugin which helps make sense of long C++ symbols ☆59 Updated last year
- Finding Truth in the Shadows ☆84 Updated last year
- uefi diskless persistence technique + OVMF secureboot bypass ☆52 Updated 6 months ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book ☆101 Updated 4 months ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations. ☆73 Updated 3 months ago
- CVE-2024-40431+CVE-2022-25479 chain for EOP (DATA ONLY ATTACK) ☆45 Updated last month
- Inlay hints for hex-rays ☆28 Updated last month
- Python bindings for BochsCPU ☆34 Updated last month
- ☆59 Updated 2 years ago
- Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers ☆39 Updated 2 months ago
- This IDA plugin extends the functionality of the assembly and hex view. With this plugin, you can conveniently decode/decrypt/alter data … ☆67 Updated 2 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays). ☆115 Updated 2 months ago
- Abusing exceptions for code execution. ☆107 Updated last year
- Analysis of the vulnerability ☆47 Updated 9 months ago
- Disassembler for Zeus VM custom instruction set ☆24 Updated 9 months ago
- javascript extension of windbg for hacker. ☆14 Updated last year