A guide to get you started with Windows Kernel Debugging, walking you through the complete setup and usage of WinDbg to trace Windows process creation at the kernel level, from boot to PspCreateProcess, using VMware Workstation.
☆25 · Nov 26, 2025 · Updated 3 months ago
Alternatives and similar repositories for windows-kernel-debugging
Users that are interested in windows-kernel-debugging are comparing it to the libraries listed below
- A lightweight packet filtering firewall framework for Windows platform ☆11 · Jan 31, 2025 · Updated last year
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of … ☆11 · Mar 22, 2021 · Updated 4 years ago
- Attack Active Directory Trusts with a single tool ☆14 · Jan 15, 2025 · Updated last year
- Shellcode execution via x86 inline assembly based on MSVC syntax ☆17 · Apr 26, 2023 · Updated 2 years ago
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found … ☆12 · Apr 21, 2025 · Updated 10 months ago
- ☆13 · Mar 3, 2025 · Updated 11 months ago
- Python wrapper for FASM ☆15 · May 23, 2015 · Updated 10 years ago
- Library of BOFs to interact with SQL servers ☆16 · Dec 6, 2024 · Updated last year
- Toolkit of Projects to attack and evade Event Trace for Windows ☆26 · Aug 28, 2025 · Updated 5 months ago
- Anti-Malware security solution for Windows environment. ☆19 · Jul 10, 2021 · Updated 4 years ago
- Simple Ransomware to attack Windows 🌟 ☆24 · Apr 19, 2023 · Updated 2 years ago
- shellDAVpass application is the Open-Source project, the main idea of which is to bypass the defender and AntiVirus detections to conduct… ☆28 · Oct 3, 2025 · Updated 4 months ago
- Native API header files for the Process Hacker project (nightly). ☆26 · Sep 28, 2025 · Updated 5 months ago
- Splitting and executing shellcode across multiple pages ☆103 · Jun 8, 2023 · Updated 2 years ago
- Test bench lab for Shellcode Obfuscation ☆35 · Sep 2, 2025 · Updated 5 months ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD ☆28 · Jan 4, 2024 · Updated 2 years ago
- ☆34 · Aug 7, 2023 · Updated 2 years ago
- .NET assembly loader with patching AMSI and ETW bypass ☆31 · Apr 16, 2025 · Updated 10 months ago
- DTrace for Windows in userspace; Frontend to ETW ☆27 · Oct 4, 2022 · Updated 3 years ago
- ☆31 · Feb 28, 2025 · Updated last year
- ☆58 · Feb 19, 2026 · Updated last week
- Test AMSI Provider implementation in C# ☆42 · Dec 18, 2024 · Updated last year
- A Proof of Concept Rootkit Demonstrating Keylogging and Virtual File System (VFS) Capabilities ☆77 · Sep 21, 2022 · Updated 3 years ago
- A simple C++ Windows tool to get information about processes exposing named pipes. ☆40 · Mar 6, 2025 · Updated 11 months ago
- ☆12 · Jun 26, 2023 · Updated 2 years ago
- Scripts to interact with Microsoft Graph APIs ☆44 · Nov 7, 2024 · Updated last year
- Indirect NT syscalls LSASS dumper. ☆46 · Jul 9, 2023 · Updated 2 years ago
- A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines ☆45 · Oct 27, 2022 · Updated 3 years ago
- Position-independent Reflective Loader for macOS ☆112 · Feb 19, 2026 · Updated last week
- C/C++ antidebugging library for Windows ☆52 · Nov 8, 2025 · Updated 3 months ago
- Archive of ransomware decryptors ☆34 · Dec 7, 2017 · Updated 8 years ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy. ☆42 · Oct 30, 2022 · Updated 3 years ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques. ☆101 · Jan 26, 2026 · Updated last month
- runs sliver command on all hosts, partially based on example in sliver repo ☆13 · Mar 23, 2024 · Updated last year
- Rainbow Six Siege Table Menu ☆10 · Jun 4, 2021 · Updated 4 years ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for… ☆18 · Aug 13, 2025 · Updated 6 months ago
- Load FRP in memory ☆10 · Sep 11, 2023 · Updated 2 years ago
- Generate a PDB file given the old PDB file and an address mapping ☆52 · Aug 3, 2025 · Updated 6 months ago
- Azure APIs enumeration and abuse ☆13 · Dec 20, 2024 · Updated last year