libyal / libmdmp
Library and tools to access the Windows Minidump (MDMP) format
☆43 Updated 11 months ago
Alternatives and similar repositories for libmdmp
Users that are interested in libmdmp are comparing it to the libraries listed below
- A collection of tools, source code, and papers researching Windows' implementation of CET. ☆84 Updated 4 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess ☆87 Updated 9 years ago
- Documenting system information classes and their uses ☆51 Updated 3 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆144 Updated 6 years ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs ☆34 Updated 3 years ago
- Trace events in real time sessions ☆45 Updated last year
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 Updated 4 years ago
- Windows kernel PDB data parsed into YAML ☆38 Updated 7 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede… ☆26 Updated last year
- IDA plugin to explore and browse tags ☆56 Updated 5 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling ☆35 Updated 4 years ago
- A ready-made template for a project based on libpeconv. ☆48 Updated 4 months ago
- Dynamic COFF object loader ☆23 Updated 7 years ago
- Miscellaneous Code and Docs ☆81 Updated this week
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve ☆60 Updated 10 months ago
- A cross-platform Python toolkit for parsing/writing PE files. ☆67 Updated last year
- Lightweight Portable Executable parsing library and a demo peParser application. ☆80 Updated 2 years ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post ☆63 Updated 9 months ago
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL. ☆18 Updated last year
- allowing um r/w through km from um ioctl ™ ☆11 Updated 3 years ago
- Enumerate user mode shared memory mappings on Windows. ☆121 Updated 4 years ago
- GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account. ☆61 Updated 3 years ago
- Windbg extension that allows you to analyze Control Flow Guard map ☆35 Updated 3 years ago
- Application Verifier Dynamic Fault Injection ☆39 Updated 2 months ago
- Advance LPC ☆69 Updated 8 years ago
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both… ☆82 Updated 10 months ago
- DTrace for Windows in userspace; Frontend to ETW ☆27 Updated 2 years ago