msuiche / LiveCloudKd
Hyper-V Research is trendy now
☆171Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for LiveCloudKd
- Hyper-V Research is trendy now☆150Updated 3 weeks ago
- Hyper-V scripts☆112Updated 11 months ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆219Updated 4 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆204Updated 5 years ago
- ☆120Updated last month
- Toy scripts for playing with WinDbg JS API☆218Updated 4 months ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆73Updated 4 months ago
- The history of Windows Internals via symbols.☆177Updated 3 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆134Updated 5 years ago
- Elevation of privilege detector based on HyperPlatform☆117Updated 7 years ago
- Research on Windows Kernel Executive Callback Objects☆278Updated 4 years ago
- VT-based PCI device monitor (SPI)☆150Updated 4 years ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆193Updated 3 months ago
- ☆107Updated 4 years ago
- Toolkit for Hyper-V security research☆154Updated 2 years ago
- (unofficial) Hyper-V® Development Kit☆215Updated 8 months ago
- Translates WinDbg "dt" structure dump to a C structure☆126Updated 8 years ago
- Driver Initial Reconnaissance Tool☆119Updated 4 years ago
- Bindings for Microsoft WinDBG TTD☆200Updated last year
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆124Updated last year
- Basic Windows Kernel Programming☆124Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- Enumerate user mode shared memory mappings on Windows.☆114Updated 3 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆110Updated 2 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆178Updated 4 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆129Updated 4 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆154Updated 5 years ago
- Named pipe I/O ETW provider for Windows☆66Updated 4 years ago
- ☆131Updated last year