☆175 · Oct 2, 2024 · Updated last year
Alternatives and similar repositories for headers
Users that are interested in headers are comparing it to the libraries listed below
- ☆131 · Oct 2, 2024 · Updated last year
- windbg plugin for win32k debugging ☆75 · Oct 14, 2019 · Updated 6 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists ☆66 · Apr 4, 2020 · Updated 5 years ago
- C++ Exceptions in Windows Drivers ☆221 · Dec 21, 2020 · Updated 5 years ago
- usermode standalone kernel interface ☆111 · Jul 9, 2018 · Updated 7 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. ☆657 · Jan 28, 2025 · Updated last year
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax; ☆76 · Jun 8, 2019 · Updated 6 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆240 · Nov 6, 2019 · Updated 6 years ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x ☆443 · Nov 29, 2021 · Updated 4 years ago
- VT-based PCI device monitor (SPI) ☆158 · Oct 29, 2020 · Updated 5 years ago
- Standalone program to download PDB Symbol files for debugging without WDK ☆80 · Jun 20, 2019 · Updated 6 years ago
- LLVM based devirtualization PoCs. ☆21 · Dec 11, 2021 · Updated 4 years ago
- Map memory to user space and manipulate user memory, using capmon ☆24 · Nov 3, 2018 · Updated 7 years ago
- Windows Driver Kit Extension Header (Undoc) ☆135 · Nov 9, 2021 · Updated 4 years ago
- ☆125 · May 23, 2020 · Updated 5 years ago
- Research on Windows Kernel Executive Callback Objects ☆315 · Feb 22, 2020 · Updated 6 years ago
- Toolkit for Hyper-V security research ☆157 · Mar 7, 2022 · Updated 3 years ago
- ☆14 · Aug 15, 2018 · Updated 7 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs ☆104 · May 14, 2020 · Updated 5 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆146 · Feb 23, 2019 · Updated 7 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+. ☆149 · Mar 2, 2023 · Updated 2 years ago
- Demonstrate the new FileDispositionInfoEx behavior ☆15 · Nov 6, 2017 · Updated 8 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Updated this week
- A branch-monitor-based solution for process monitoring. ☆138 · Feb 9, 2020 · Updated 6 years ago
- Some garbage drivers written for getting started ☆65 · Dec 31, 2019 · Updated 6 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA ☆75 · Jul 6, 2024 · Updated last year
- Collect different versions of Crucial modules. ☆145 · Jul 11, 2024 · Updated last year
- Windows kernel PDB data parsed into YAML ☆42 · Nov 2, 2025 · Updated 3 months ago
- ☆39 · Oct 29, 2020 · Updated 5 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/ ☆183 · Nov 30, 2017 · Updated 8 years ago
- Hide codes/data in the kernel address space. ☆188 · May 8, 2021 · Updated 4 years ago
- ☆28 · Nov 20, 2017 · Updated 8 years ago
- Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols) ☆62 · Aug 11, 2023 · Updated 2 years ago
- Simple utility to watch directory change notifications on a given path ☆20 · Oct 6, 2017 · Updated 8 years ago
- API monitoring via return-hijacking thunks; works without information about target function prototypes. ☆117 · May 26, 2020 · Updated 5 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆110 · Apr 24, 2020 · Updated 5 years ago
- Windows tool box library ☆68 · Dec 29, 2017 · Updated 8 years ago
- A native hypervisor designed for the Windows operating system ☆125 · Mar 6, 2021 · Updated 4 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows ☆634 · Jul 7, 2017 · Updated 8 years ago