This repository aims to assist efforts to analyse the inner working principles, functionalities, and properties of the Microsoft Windows operating system. It stores relevant documentation as well as the executable files needed for conducting analysis studies.
☆150 · May 29, 2020 · Updated 5 years ago
Alternatives and similar repositories for Windows-Insight
Users that are interested in Windows-Insight are comparing it to the libraries listed below
- Ethereum and BNB (BSC) Mev bot - Arbitrage ☆358 · Feb 11, 2026 · Updated 2 weeks ago
- Will try to put here slides from now on when I give a talk ☆24 · Oct 11, 2021 · Updated 4 years ago
- A repository of my presentations ☆167 · Nov 16, 2023 · Updated 2 years ago
- Virtual Machine Introspection, Tracing & Debugging ☆595 · Feb 22, 2022 · Updated 4 years ago
- This repo contains code of JScript .NET which can be used as alternative to csc.exe to run potentially malicious code, which ships in all… ☆13 · Nov 8, 2019 · Updated 6 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings. ☆25 · Oct 25, 2020 · Updated 5 years ago
- Automatic function exporting and linking for fuzzing cross-architecture binaries. ☆51 · Sep 9, 2018 · Updated 7 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers. ☆333 · Mar 26, 2024 · Updated last year
- AppXSvc Arbitrary File Security Descriptor Overwrite EoP ☆20 · Sep 15, 2019 · Updated 6 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware. ☆431 · May 22, 2020 · Updated 5 years ago
- UAC Bypass with mmc via alpc ☆158 · Apr 5, 2019 · Updated 6 years ago
- B-Sides CBR 2018 talk about group policy and Grouper ☆38 · May 3, 2019 · Updated 6 years ago
- Automate AV evasion by calling AMSI ☆88 · May 31, 2023 · Updated 2 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication ☆129 · Nov 15, 2016 · Updated 9 years ago
- A framework to track the evolution of Operating Systems over time ☆66 · Oct 10, 2023 · Updated 2 years ago
- IDAPro scripts/plugins ☆93 · Feb 26, 2019 · Updated 7 years ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager. ☆51 · Apr 9, 2019 · Updated 6 years ago
- A hypervisor for fuzzing built with WHVP and Bochs ☆380 · Feb 5, 2019 · Updated 7 years ago
- Call 32bit NtDLL API directly from WoW64 Layer ☆62 · Nov 18, 2020 · Updated 5 years ago
- CVE-2019-0708 (BlueKeep) ☆111 · Jul 7, 2020 · Updated 5 years ago
- ReaCOM has got a lot of tools to use and is related to component object model ☆74 · Feb 3, 2020 · Updated 6 years ago
- Documentation and supporting script sample for Windows Exploit Guard ☆169 · Sep 8, 2025 · Updated 5 months ago
- A function tracer ☆92 · Jun 4, 2019 · Updated 6 years ago
- ☆30 · Dec 4, 2018 · Updated 7 years ago
- This project is just a dumping ground for random scripts I've developed. ☆139 · Aug 14, 2024 · Updated last year
- Small POC in powershell exploiting hardlinks during the VM deletion process ☆53 · Jan 18, 2020 · Updated 6 years ago
- Dump of win32k POCs for bugs I've found ☆381 · Mar 6, 2022 · Updated 3 years ago
- Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit ☆100 · Apr 15, 2019 · Updated 6 years ago
- Endpoint detection & Malware analysis software ☆229 · Dec 20, 2019 · Updated 6 years ago
- ☆135 · Dec 15, 2019 · Updated 6 years ago
- ☆48 · Jul 7, 2020 · Updated 5 years ago
- ASLR bypass in Chrome version 77 ☆24 · Oct 28, 2019 · Updated 6 years ago
- Control Flow Guard Teleportation demo ☆23 · Jul 28, 2019 · Updated 6 years ago
- Remote Recon and Collection ☆459 · Nov 23, 2017 · Updated 8 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆240 · Nov 6, 2019 · Updated 6 years ago
- ☆349 · Mar 19, 2021 · Updated 4 years ago
- Detect possible sysmon logging bypasses given a specific configuration ☆111 · Dec 26, 2018 · Updated 7 years ago
- scripts/plugins for IDA Pro ☆178 · Jan 10, 2025 · Updated last year
- Implementation of the .NET Profiler DLL hijack in C# ☆98 · Dec 14, 2018 · Updated 7 years ago