fishstiqz / poolinfoLinks
kernel pool windbg extension
☆84Updated 10 years ago
Alternatives and similar repositories for poolinfo
Users that are interested in poolinfo are comparing it to the libraries listed below
Sorting:
- windbg plugin for win32k debugging☆75Updated 5 years ago
- Simple library to spray the Windows Kernel Pool☆110Updated 5 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆75Updated last year
- Toolkit for Hyper-V security research☆156Updated 3 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆137Updated 6 years ago
- Elevation of privilege detector based on HyperPlatform☆122Updated 8 years ago
- ☆63Updated 8 years ago
- A windbg extension, extracting token related contents☆41Updated 4 years ago
- A fast execution trace symbolizer for Windows.☆131Updated last year
- A branch-monitor-based solution for process monitoring.☆133Updated 5 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Updated 7 years ago
- IDAScript to create Symbol file which can be loaded in WinDbg via AddSyntheticSymbol☆41Updated 11 years ago
- Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementation☆52Updated 8 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆74Updated 6 years ago
- Static unpacker for FinSpy VM☆101Updated 4 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆123Updated 6 years ago
- Windows RPC Python fuzzer☆163Updated 7 years ago
- A fork of AFL for fuzzing Windows binaries☆53Updated 6 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆111Updated last year
- Windbg extension to find PatchGuard pages☆121Updated 11 years ago
- VMX intrinsics plugin for Hex-Rays decompiler☆71Updated 5 years ago
- PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components☆68Updated 4 years ago
- Python bindings for the Microsoft Hypervisor Platform APIs.☆79Updated 6 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆117Updated 6 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆51Updated 6 years ago
- ☆34Updated 4 years ago
- IDA plugin to explore and browse tags☆56Updated 6 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆94Updated 3 years ago
- This is a place to share my miscellaneous projects.☆114Updated 5 years ago
- ☆50Updated 8 years ago