☆17 · Apr 18, 2023 · Updated 2 years ago
Alternatives and similar repositories for awesome_code_windows_kernel
Users that are interested in awesome_code_windows_kernel are comparing it to the libraries listed below
- Bootkits ☆19 · Sep 13, 2023 · Updated 2 years ago
- red or blue ☆14 · Apr 20, 2023 · Updated 2 years ago
- Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries. ☆38 · May 12, 2022 · Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64 ☆13 · Feb 12, 2023 · Updated 3 years ago
- A simple way to spoof return addresses using an exception handler ☆43 · Aug 3, 2022 · Updated 3 years ago
- Exports monitoring plugin for x64dbg ☆22 · Mar 14, 2023 · Updated 2 years ago
- Dangling COM Keys Finder ☆17 · Nov 16, 2021 · Updated 4 years ago
- Demo to show how to write an ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique. ☆71 · Mar 25, 2022 · Updated 3 years ago
- Bypassing kernel patch protection runtime ☆22 · Feb 19, 2023 · Updated 3 years ago
- A DKOM rootkit that targets Windows x64 systems. The rootkit hooks and edits critical memory sections in order to hide different resources… ☆18 · Jul 5, 2023 · Updated 2 years ago
- ATHERCRC32 provides developers with a complete framework for using CRC32 in functions/classes in memory, and protecting your software agai… ☆15 · Jan 29, 2021 · Updated 5 years ago
- UnknownField is a clang-based tool that obfuscates the order of fields to protect your C/C++ game or code. ☆44 · Jan 21, 2023 · Updated 3 years ago
- Simple memory obfuscator. ☆24 · Jul 21, 2022 · Updated 3 years ago
- Pipe monitor, similar to tools like spyxx, generally used to monitor a target process's system calls. Keywords: detours+piep ☆23 · Feb 26, 2014 · Updated 12 years ago
- Walks the process's VAD list to grab the PTEs corresponding to a usermode virtual address, all to get the physical address ☆23 · Nov 22, 2021 · Updated 4 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 · May 21, 2023 · Updated 2 years ago
- Simply dealing with the autochk.sys rootkit ☆73 · Mar 7, 2023 · Updated 2 years ago
- ☆11 · Jun 24, 2024 · Updated last year
- ☆16 · Apr 21, 2023 · Updated 2 years ago
- SyscallLoader ☆11 · Sep 13, 2021 · Updated 4 years ago
- Classes in C++ for building applications ☆14 · Feb 16, 2026 · Updated last week
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows. ☆11 · Aug 8, 2022 · Updated 3 years ago
- NRefactory - Refactoring Your C# Code ☆15 · Jun 22, 2024 · Updated last year
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- A simple example of how to decrypt the kernel debugger data block ☆32 · Feb 8, 2021 · Updated 5 years ago
- ☆34 · Aug 7, 2023 · Updated 2 years ago
- A kernel mode Windows rootkit in development. ☆49 · Dec 31, 2021 · Updated 4 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development ☆12 · Apr 14, 2024 · Updated last year
- Implement a Stack VM Interpreter with a Register Window ☆11 · Jan 2, 2024 · Updated 2 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77. ☆38 · Mar 16, 2022 · Updated 3 years ago
- ☆34 · Apr 11, 2023 · Updated 2 years ago
- Kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT ☆32 · Jul 9, 2021 · Updated 4 years ago
- What makes it page ☆17 · Aug 24, 2022 · Updated 3 years ago
- Experiments for IJON ☆12 · Jul 1, 2019 · Updated 6 years ago
- Windows user mini-dump helper library to extract data from it. ☆13 · May 17, 2025 · Updated 9 months ago
- Process Creation, Image Load and Thread Creation Notification ☆13 · Sep 15, 2023 · Updated 2 years ago
- This driver hooks a device object for ioctl and uses MDLs to allocate physical pages and manually injects an entry into a process's page … ☆15 · Feb 14, 2023 · Updated 3 years ago
- Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install ☆38 · Dec 28, 2024 · Updated last year