☆17Apr 18, 2023Updated 2 years ago
Alternatives and similar repositories for awesome_code_windows_kernel
Users that are interested in awesome_code_windows_kernel are comparing it to the libraries listed below
Sorting:
- red or blue☆14Apr 20, 2023Updated 2 years ago
- Bootkits☆19Sep 13, 2023Updated 2 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.☆38May 12, 2022Updated 3 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- A simple way to spoof return addresses using an exception handler☆44Aug 3, 2022Updated 3 years ago
- 管道监视器,类似于spyxx之类的东西,一般用于监视目标进程的系统调用.关键词:detours+piep☆23Feb 26, 2014Updated 12 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆70Mar 25, 2022Updated 3 years ago
- Exports monitoring plugin for x64dbg☆22Mar 14, 2023Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development☆12Apr 14, 2024Updated last year
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- ☆16Apr 21, 2023Updated 2 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆19Jul 5, 2023Updated 2 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆38Mar 16, 2022Updated 4 years ago
- 简单安排一下 autochk.sys 这个rootkit☆73Mar 7, 2023Updated 3 years ago
- Simple memory obfuscator.☆24Jul 21, 2022Updated 3 years ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- ☆11Jun 24, 2024Updated last year
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Jan 21, 2023Updated 3 years ago
- Classes in C++ for building applications☆14Mar 13, 2026Updated last week
- automates exploits using ROP chains, using ntdll-scraper☆16May 26, 2022Updated 3 years ago
- C2☆123Dec 29, 2025Updated 2 months ago
- IO隐藏通信封装☆17May 31, 2021Updated 4 years ago
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Jul 9, 2021Updated 4 years ago
- ☆34Aug 7, 2023Updated 2 years ago
- Implement a Stack VM Interpreter with a Register Window☆11Jan 2, 2024Updated 2 years ago
- NRefactory - Refactoring Your C# Code☆15Jun 22, 2024Updated last year
- POC about how to prevent windbg break☆15Oct 3, 2022Updated 3 years ago
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- POC for a race condition exploit using directory junctions in Windows☆17Apr 26, 2020Updated 5 years ago
- silence file system monitoring components by hooking their minifilters☆61Jan 31, 2024Updated 2 years ago
- What makes it page☆17Aug 24, 2022Updated 3 years ago