Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right assignments, enumerate attack surfaces from the point of view of a sandboxed process, etc.
☆33May 21, 2019Updated 6 years ago
Alternatives and similar repositories for ntsec
Users that are interested in ntsec are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj☆15May 27, 2018Updated 7 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10☆15Mar 17, 2019Updated 7 years ago
- Static library and headers for linking your software with ntdll.dll☆37Dec 16, 2019Updated 6 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- Lists capabilities used by processes on your system as they are requested, to assist in the task of creating custom hardened profiles for…☆13Jul 24, 2025Updated 8 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- From 2011: Quickly search for files in NTFS volumes parsing the Master File Table (MFT). A decent amount of how NTFS and MFT work was pai…☆29Oct 14, 2019Updated 6 years ago
- Convert IDA Type Library `*.til` to Compilable C Header!☆20Mar 9, 2023Updated 3 years ago
- Window Executable file Function tracer using Debugging API☆44Sep 26, 2019Updated 6 years ago
- MircoSoft Detours 4.0.1,MIT License,Support X86,X64,ARM,IA64☆12Apr 23, 2018Updated 7 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆31May 18, 2022Updated 3 years ago
- Getting windows operating system version information by 3 ways. using APIs,GetVersionEx, VerifyVersionInfo☆13Apr 9, 2015Updated 11 years ago
- Simple program for static hooking dynamic libraries in executable application☆24Jan 15, 2014Updated 12 years ago
- Windows OS Internals Curriculum Resource Kit ACADEMIC☆19Nov 4, 2017Updated 8 years ago
- A sample bot for Cobalt Strike 3☆22Jun 11, 2016Updated 9 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Jul 27, 2018Updated 7 years ago
- 常用代码类☆13May 31, 2014Updated 11 years ago
- Modifies the code of the RtlUserThreadStart callback and reads the arguments passed to it. Then it changes the initial execution argument…☆15Mar 4, 2018Updated 8 years ago
- NTrace -- a function boundary tracing tool for Windows user and kernel mode☆22Nov 1, 2013Updated 12 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated last month
- ☆10Aug 9, 2024Updated last year
- ☆83Dec 3, 2017Updated 8 years ago
- C++ WMI class library☆56Oct 20, 2023Updated 2 years ago
- UI application that can compare PE images in memory or in raw PE file☆19Feb 17, 2014Updated 12 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Demonstrates how to populate SID History on security principals migrated cross AD forest from PowerShell session☆15Feb 12, 2026Updated 2 months ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Aug 6, 2018Updated 7 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- Dispar - Cross-platform Disassemling binary Parser☆20Nov 21, 2021Updated 4 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆27Dec 1, 2022Updated 3 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Oct 7, 2020Updated 5 years ago
- High-level library for executable binary file analysis☆16Feb 13, 2017Updated 9 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Oct 10, 2018Updated 7 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆80Jun 20, 2019Updated 6 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆15Dec 4, 2016Updated 9 years ago
- Code samples that serve as references for Windows API functions☆77May 28, 2024Updated last year
- A collection of tools to enumerate and analyse Windows DACLs☆109Jul 11, 2015Updated 10 years ago
- PowerShell module for ctypes/PInvoke calls☆29Jun 12, 2025Updated 10 months ago
- Windows Process Lockdown Tool using Job Objects☆70Nov 10, 2013Updated 12 years ago
- PE(compressed dll) memory loader using nt api☆46Jul 3, 2017Updated 8 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago