gsuberland / Windows-Reverse-Engineering
Various reverse engineering work on Windows
☆16Updated 4 years ago
Alternatives and similar repositories for Windows-Reverse-Engineering:
Users that are interested in Windows-Reverse-Engineering are comparing it to the libraries listed below
- .lib file for linking against the NT CRT☆18Updated 2 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆22Updated 4 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- A driver to implement IOCTL hooking☆24Updated 2 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- ☆15Updated last year
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- A collection of Windows Components(Mostly is ntoskrnl.exe)☆26Updated 4 years ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆34Updated 3 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- Elevate arbitrary MSR writes to kernel execution.☆26Updated last year
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆20Updated 6 months ago
- penter hook example and driver time recorder☆31Updated 7 years ago
- ntos shit☆23Updated last year
- Runtime smm module loader☆32Updated 2 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆18Updated 4 months ago
- EDR PoC WIP LLC☆10Updated last year
- ☆29Updated 3 years ago
- Input-output driver☆24Updated last year
- IDA plugin to quickly learn what a shortcut does☆10Updated 2 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆42Updated last year
- Exports monitoring plugin for x64dbg☆21Updated last year
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆17Updated last year
- Personal curation of Clang/LLVM patches.☆13Updated 3 years ago
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection…☆15Updated 3 years ago
- A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆26Updated 6 months ago
- A small header file mapping status codes passed to KiExceptionDispatch before KiPreprocessFault to individual CPU faults.☆13Updated 5 years ago
- Reverse engineered API for Microsoft's Time Travel Debugger☆32Updated 10 months ago
- ☆26Updated last year