kphongagsorn / windows-undocumented-apis

Related projects ⓘ

Alternatives and complementary repositories for windows-undocumented-apis

• tyranid / WindowsRuntimeSecurityDemos
  Demos for Presentation on Windows Runtime Security
  ☆70Updated 6 years ago
• vineetgaurav / WIN_JELLY
  Windows GPU rootkit PoC by Team Jellyfish
  ☆35Updated 9 years ago
• malcomvetter / WMIProcessWatcher
  An example pattern in C# for using WMI to monitor process creation and termination events.
  ☆51Updated 6 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆57Updated 3 months ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆36Updated 6 years ago
• zodiacon / NativeApps
  Demos and presentation from SECArmy Village Grayhat 2020
  ☆36Updated last year
• codingtest / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆27Updated 6 years ago
• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆53Updated 5 years ago
• hasherezade / paramkit
  A small library helping to parse commandline parameters (for C/C++)
  ☆53Updated last year
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated last year
• Empier / MemoryEditor
  [C#]Main.exe < - > [C_DLL] < - > [C_KERNEL] = Memory_Editor via Kernel
  ☆31Updated 5 years ago
• aaaddress1 / wow64Jit
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆60Updated 4 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• hasherezade / tag_converter
  ☆21Updated 3 years ago
• rootm0s / UUB
  UIAccess UAC Bypass using token duplication and keyboard events
  ☆25Updated 5 years ago
• Jb05s / Exploit-Dev-C
  ☆22Updated 4 years ago
• 0vercl0k / KEPaboo
  Neutralize KEPServerEX anti-debugging techniques
  ☆31Updated last year
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆33Updated 3 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆41Updated last month
• OsandaMalith / ApiMon
  A simple API monitor for Windbg
  ☆62Updated 7 years ago
• hfiref0x / Misc
  Miscellaneous Code and Docs
  ☆77Updated 11 months ago
• swwwolf / obderef
  Decrement Windows Kernel for fun and profit
  ☆39Updated 6 years ago
• mrexodia / JitMagic
  Simple tool that allows you to have multiple Just-In-Time debuggers at once.
  ☆72Updated 2 months ago
• mrexodia / Diff
  Diff plugin for x64dbg
  ☆31Updated 3 years ago
• SouhailHammou / Exploits
  Exploits I've authored
  ☆59Updated 5 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆129Updated 4 years ago
• mrfearless / APIInfo-Plugin-x86
  APIInfo Plugin (x86) - A Plugin For x64dbg
  ☆49Updated 6 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆29Updated 5 years ago