ernw / Windows-Insight
The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Microsoft Windows operating system. This repository stores relevant documentation as well as executable files needed for conducting analysis studies.
☆151Updated 4 years ago
Alternatives and similar repositories for Windows-Insight:
Users that are interested in Windows-Insight are comparing it to the libraries listed below
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Documentation and supporting script sample for Windows Exploit Guard☆156Updated 3 years ago
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- ☆67Updated 2 years ago
- ☆234Updated 7 years ago
- FLARE Kernel Shellcode Loader☆177Updated 5 years ago
- ☆108Updated 4 years ago
- A command tree based on commands and extensions for Windows Kernel Debugging.☆107Updated 4 years ago
- Hyper-V Research is trendy now☆178Updated 11 months ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆136Updated 7 years ago
- Named pipe I/O ETW provider for Windows☆70Updated 4 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆151Updated 5 years ago
- Windows Drivers☆97Updated 6 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆123Updated 6 years ago
- ☆216Updated 7 years ago
- Reflective Polymorphism☆104Updated 6 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆85Updated 2 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆109Updated 4 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆182Updated 4 years ago
- Ruxcon2016 POC Code☆139Updated 8 years ago
- Toy scripts for playing with WinDbg JS API☆227Updated 9 months ago
- Smart DLL execution for malware analysis in sandbox systems☆143Updated 10 years ago
- DotNext 2019 St. Petersburg Talk Demos☆40Updated 5 years ago
- Tool to view and create Microsoft shim database files (SDB).☆113Updated 7 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- WNF Utilities 4 Newbies (WNFUN)☆94Updated 6 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago
- Just a normal flask web app to understand win32api with code snippets and references.☆72Updated 5 years ago