hugsy/CFB external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

hugsy/CFB

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hugsy/CFB)

Close

hugsy / CFBView on GitHubMore

• External links
• Readme badge

CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.

☆332Mar 26, 2024Updated 2 years ago

Alternatives and similar repositories for CFB

Users that are interested in CFB are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• yardenshafir / PoolViewer

  View on GitHub
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆151Mar 2, 2023Updated 3 years ago
• D4stiny / PeaceMaker

  View on GitHub
  PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
  ☆431May 22, 2020Updated 5 years ago
• 0xcpu / ExecutiveCallbackObjects

  View on GitHub
  Research on Windows Kernel Executive Callback Objects
  ☆316Feb 22, 2020Updated 6 years ago
• zouxianyu / KernelHiddenExecute

  View on GitHub
  Hide codes/data in the kernel address space.
  ☆187May 8, 2021Updated 4 years ago
• yardenshafir / KernelDataStructureFinder

  View on GitHub
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆66Apr 4, 2020Updated 6 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆242Nov 6, 2019Updated 6 years ago
• amiryeshurun / HyperWin

  View on GitHub
  A native hypervisor designed for the Windows operating system
  ☆125Mar 6, 2021Updated 5 years ago
• 0vercl0k / kdmp-parser

  View on GitHub
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆213Oct 5, 2025Updated 6 months ago
• hugsy / windbg_js_scripts

  View on GitHub
  Toy scripts for playing with WinDbg JS API
  ☆242Jul 8, 2024Updated last year
• can1357 / ByePg

  View on GitHub
  Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
  ☆904Nov 21, 2019Updated 6 years ago
• yardenshafir / SymlinkCallback

  View on GitHub
  A driver that hooks C: volume using symbolic link callback to track all FS access to the volume
  ☆109Apr 24, 2020Updated 5 years ago
• gerhart01 / LiveCloudKd

  View on GitHub
  Hyper-V Research is trendy now
  ☆191Mar 8, 2026Updated last month
• AndreyBazhan / SymStore

  View on GitHub
  The history of Windows Internals via symbols.
  ☆181Nov 4, 2021Updated 4 years ago
• KelvinMsft / DeviceMon

  View on GitHub
  VT-based PCI device monitor (SPI)
  ☆158Oct 29, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• SinaKarvandi / Misc

  View on GitHub
  This is a place to share my miscellaneous projects.
  ☆116May 2, 2020Updated 5 years ago
• waleedassar / RestrictedKernelLeaks

  View on GitHub
  ☆165Sep 18, 2021Updated 4 years ago
• thalium / icebox

  View on GitHub
  Virtual Machine Introspection, Tracing & Debugging
  ☆596Feb 22, 2022Updated 4 years ago
• h4xu3lyn / FuckPg

  View on GitHub
  Analysing and defeating PatchGuard universally
  ☆35Nov 4, 2020Updated 5 years ago
• IOActive / FuzzNDIS

  View on GitHub
  A Fuzzer for Windows NDIS Drivers OID Handlers
  ☆96Nov 4, 2021Updated 4 years ago
• DownWithUp / CallMon

  View on GitHub
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆146Sep 5, 2020Updated 5 years ago
• alal4465 / Practical-Reverse-Engineering-Solutions

  View on GitHub
  Some drivers I've written while solving exercises from Practical Reverse Engineering
  ☆15Jan 9, 2022Updated 4 years ago
• 0xhido / BlueLight

  View on GitHub
  Open-source EDR kernel-component for system monitoring and DLL injection
  ☆33Nov 14, 2020Updated 5 years ago
• gerhart01 / Hyper-V-Internals

  View on GitHub
  Internals information about Hyper-V
  ☆733Mar 7, 2026Updated last month
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• wbenny / KSOCKET

  View on GitHub
  KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK
  ☆543Sep 2, 2022Updated 3 years ago
• quarkslab / rewind

  View on GitHub
  Snapshot-based coverage-guided windows kernel fuzzer
  ☆324Dec 16, 2021Updated 4 years ago
• zodiacon / PoolMonXv2

  View on GitHub
  Kernel Pool Monitor
  ☆128Mar 6, 2022Updated 4 years ago
• btbd / wpp

  View on GitHub
  Intercepting DeviceControl via WPP
  ☆138Nov 18, 2019Updated 6 years ago
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆662Jan 28, 2025Updated last year
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆494May 18, 2021Updated 4 years ago
• wbenny / EtwConsumerNT

  View on GitHub
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆147Feb 23, 2019Updated 7 years ago
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion

  View on GitHub
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆214Jul 2, 2020Updated 5 years ago
• mandiant / STrace

  View on GitHub
  A DTrace on Windows Reimplementation
  ☆373Mar 12, 2026Updated 3 weeks ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• DownWithUp / DynamicKernelShellcode

  View on GitHub
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆105May 14, 2020Updated 5 years ago
• ntoskrnl7 / crtsys

  View on GitHub
  C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
  ☆192Aug 27, 2022Updated 3 years ago
• 0vercl0k / symbolizer

  View on GitHub
  A fast execution trace symbolizer for Windows.
  ☆130May 6, 2024Updated last year
• zhuhuibeishadiao / PatchGuardResearch

  View on GitHub
  win10 pgContext dynamic dump (btc version)
  ☆112Jan 15, 2020Updated 6 years ago
• avakar / vcrtl

  View on GitHub
  C++ Exceptions in Windows Drivers
  ☆220Dec 21, 2020Updated 5 years ago
• gdabah / win32k-bugs

  View on GitHub
  Dump of win32k POCs for bugs I've found
  ☆380Mar 6, 2022Updated 4 years ago
• namazso / physmem_drivers

  View on GitHub
  A collection of various vulnerable (mostly physical memory exposing) drivers.
  ☆456Jun 15, 2022Updated 3 years ago