Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right assignments, enumerate attack surfaces from the point of view of a sandboxed process, etc.
☆33 · May 21, 2019 · Updated 7 years ago
Alternatives and similar repositories for ntsec
Users that are interested in ntsec are comparing it to the libraries listed below.
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj ☆16 · May 27, 2018 · Updated 7 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10 ☆16 · Mar 17, 2019 · Updated 7 years ago
- Static library and headers for linking your software with ntdll.dll ☆38 · Dec 16, 2019 · Updated 6 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book. ☆20 · Jul 31, 2019 · Updated 6 years ago
- DNS over HTTPS Servers ☆13 · Nov 19, 2018 · Updated 7 years ago
- Lists capabilities used by processes on your system as they are requested, to assist in the task of creating custom hardened profiles for… ☆13 · Jul 24, 2025 · Updated 10 months ago
- From 2011: Quickly search for files in NTFS volumes parsing the Master File Table (MFT). A decent amount of how NTFS and MFT work was pai… ☆29 · Oct 14, 2019 · Updated 6 years ago
- Convert IDA Type Library `*.til` to Compilable C Header! ☆19 · Mar 9, 2023 · Updated 3 years ago
- Windows Executable file Function tracer using Debugging API ☆41 · Sep 26, 2019 · Updated 6 years ago
- Microsoft Detours 4.0.1, MIT License, Support X86, X64, ARM, IA64 ☆12 · Apr 23, 2018 · Updated 8 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections. ☆31 · May 18, 2022 · Updated 4 years ago
- Getting Windows operating system version information by 3 ways. Using APIs, GetVersionEx, VerifyVersionInfo ☆13 · Apr 9, 2015 · Updated 11 years ago
- Simple program for static hooking dynamic libraries in executable application ☆24 · Jan 15, 2014 · Updated 12 years ago
- Windows OS Internals Curriculum Resource Kit ACADEMIC ☆19 · Nov 4, 2017 · Updated 8 years ago
- A sample bot for Cobalt Strike 3 ☆22 · Jun 11, 2016 · Updated 9 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems ☆27 · Jul 27, 2018 · Updated 7 years ago
- Commonly used code classes ☆13 · May 31, 2014 · Updated 11 years ago
- NTrace -- a function boundary tracing tool for Windows user and kernel mode ☆22 · Nov 1, 2013 · Updated 12 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Feb 26, 2026 · Updated 3 months ago
- Modifies the code of the RtlUserThreadStart callback and reads the arguments passed to it. Then it changes the initial execution argument… ☆16 · Mar 4, 2018 · Updated 8 years ago
- ☆83 · Dec 3, 2017 · Updated 8 years ago
- C++ WMI class library ☆56 · Oct 20, 2023 · Updated 2 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems ☆28 · Aug 6, 2018 · Updated 7 years ago
- UI application that can compare PE images in memory or in raw PE file ☆19 · Feb 17, 2014 · Updated 12 years ago
- Demonstrates how to populate SID History on security principals migrated cross AD forest from PowerShell session ☆15 · Feb 12, 2026 · Updated 3 months ago
- ☆12 · Feb 19, 2017 · Updated 9 years ago
- Dispar - Cross-platform Disassembling binary Parser ☆20 · Nov 21, 2021 · Updated 4 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token ☆27 · Dec 1, 2022 · Updated 3 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection ☆32 · Oct 7, 2020 · Updated 5 years ago
- High-level library for executable binary file analysis ☆16 · Feb 13, 2017 · Updated 9 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily ☆14 · Oct 10, 2018 · Updated 7 years ago
- Standalone program to download PDB Symbol files for debugging without WDK ☆81 · Jun 20, 2019 · Updated 6 years ago
- ☆15 · Dec 4, 2016 · Updated 9 years ago
- A collection of tools to enumerate and analyse Windows DACLs ☆110 · Jul 11, 2015 · Updated 10 years ago
- PowerShell module for ctypes/PInvoke calls ☆30 · Jun 12, 2025 · Updated 11 months ago
- Code samples that serve as references for Windows API functions ☆78 · May 28, 2024 · Updated last year
- Windows Process Lockdown Tool using Job Objects ☆70 · Nov 10, 2013 · Updated 12 years ago
- PE(compressed dll) memory loader using nt api ☆46 · Jul 3, 2017 · Updated 8 years ago
- Notes my learning steps about Windows-NT ☆23 · May 18, 2017 · Updated 9 years ago