jthuraisamy / ioctlpusLinks
☆119Updated 4 years ago
Alternatives and similar repositories for ioctlpus
Users that are interested in ioctlpus are comparing it to the libraries listed below
Sorting:
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆92Updated 3 years ago
- ☆68Updated 3 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- Windows Drivers☆99Updated 6 years ago
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- Helper idapython code for reversing kmdf drivers☆72Updated 3 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆224Updated 5 years ago
- Recon 2015 Presentation from Alex Ionescu☆242Updated 9 years ago
- ☆162Updated 3 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆35Updated 4 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆144Updated 6 years ago
- Set of antianalysis techniques found in malware☆132Updated last year
- Hyper-V Research is trendy now☆182Updated last year
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆141Updated 2 years ago
- Windows Kernel Programming☆130Updated 5 years ago
- Process reimaging proof of concept code☆96Updated 6 years ago
- Enumerate user mode shared memory mappings on Windows.☆122Updated 4 years ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 5 years ago
- APC Internals Research Code☆166Updated 5 years ago
- Toy scripts for playing with WinDbg JS API☆235Updated last year
- ☆19Updated 5 years ago
- Process Hollowing for 32 bit and 64 bit☆79Updated 7 years ago
- ☆146Updated 2 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Tools for instrumenting Windows Defender's mpengine.dll☆302Updated 6 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆120Updated 5 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 5 years ago
- Hyper-V scripts☆126Updated last week
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆146Updated 4 years ago