Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right assignments, enumerate attack surfaces from the point of view of a sandboxed process, etc.
☆33May 21, 2019Updated 6 years ago
Alternatives and similar repositories for ntsec
Users that are interested in ntsec are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj☆15May 27, 2018Updated 7 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10☆15Mar 17, 2019Updated 7 years ago
- Static library and headers for linking your software with ntdll.dll☆37Dec 16, 2019Updated 6 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- DNS over HTTPS Servers☆13Nov 19, 2018Updated 7 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Lists capabilities used by processes on your system as they are requested, to assist in the task of creating custom hardened profiles for…☆13Jul 24, 2025Updated 8 months ago
- Collection of dockerfiles to build containers☆13Mar 19, 2018Updated 8 years ago
- From 2011: Quickly search for files in NTFS volumes parsing the Master File Table (MFT). A decent amount of how NTFS and MFT work was pai…☆29Oct 14, 2019Updated 6 years ago
- Convert IDA Type Library `*.til` to Compilable C Header!☆20Mar 9, 2023Updated 3 years ago
- Window Executable file Function tracer using Debugging API☆44Sep 26, 2019Updated 6 years ago
- MircoSoft Detours 4.0.1,MIT License,Support X86,X64,ARM,IA64☆12Apr 23, 2018Updated 7 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆31May 18, 2022Updated 3 years ago
- Getting windows operating system version information by 3 ways. using APIs,GetVersionEx, VerifyVersionInfo☆13Apr 9, 2015Updated 10 years ago
- Simple program for static hooking dynamic libraries in executable application☆24Jan 15, 2014Updated 12 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Windows OS Internals Curriculum Resource Kit ACADEMIC☆19Nov 4, 2017Updated 8 years ago
- A sample bot for Cobalt Strike 3☆22Jun 11, 2016Updated 9 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Jul 27, 2018Updated 7 years ago
- 常用代码类☆13May 31, 2014Updated 11 years ago
- Modifies the code of the RtlUserThreadStart callback and reads the arguments passed to it. Then it changes the initial execution argument…☆15Mar 4, 2018Updated 8 years ago
- NTrace -- a function boundary tracing tool for Windows user and kernel mode☆22Nov 1, 2013Updated 12 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 3 weeks ago
- ☆10Aug 9, 2024Updated last year
- ☆82Dec 3, 2017Updated 8 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- C++ WMI class library☆56Oct 20, 2023Updated 2 years ago
- UI application that can compare PE images in memory or in raw PE file☆19Feb 17, 2014Updated 12 years ago
- Demonstrates how to populate SID History on security principals migrated cross AD forest from PowerShell session☆15Feb 12, 2026Updated last month
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Aug 6, 2018Updated 7 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- Dispar - Cross-platform Disassemling binary Parser☆20Nov 21, 2021Updated 4 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆27Dec 1, 2022Updated 3 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Oct 7, 2020Updated 5 years ago
- High-level library for executable binary file analysis☆16Feb 13, 2017Updated 9 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Oct 10, 2018Updated 7 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆80Jun 20, 2019Updated 6 years ago
- ☆15Dec 4, 2016Updated 9 years ago
- Code samples that serve as references for Windows API functions☆76May 28, 2024Updated last year
- A collection of tools to enumerate and analyse Windows DACLs☆109Jul 11, 2015Updated 10 years ago
- PowerShell module for ctypes/PInvoke calls☆29Jun 12, 2025Updated 9 months ago
- Windows Process Lockdown Tool using Job Objects☆70Nov 10, 2013Updated 12 years ago