dro / win10-ida-types
Windows 10 kernel and ntdll internal types, directly compatible with ida.
☆50Updated 6 years ago
Alternatives and similar repositories for win10-ida-types:
Users that are interested in win10-ida-types are comparing it to the libraries listed below
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 9 months ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 5 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆76Updated 9 months ago
- windbg plugin for win32k debugging☆73Updated 5 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Updated 7 years ago
- Analyze PatchGuard☆58Updated 6 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆55Updated 4 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆54Updated 5 years ago
- VMX intrinsics plugin for Hex-Rays decompiler☆70Updated 5 years ago
- IDA plugin to explore and browse tags☆54Updated 5 years ago
- ☆33Updated 3 years ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 3 years ago
- IDA 7.0 meets watch view!☆42Updated 3 years ago
- kernel pool windbg extension☆81Updated 9 years ago
- ☆27Updated 6 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Windows sandbox PoC☆31Updated 4 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub☆77Updated 12 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆137Updated 6 years ago
- AllMemPro☆43Updated 7 years ago
- ☆80Updated 7 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- PoC for a taint based attack on VMProtect☆108Updated 5 years ago
- ☆45Updated 4 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆75Updated 14 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- ☆27Updated 6 years ago