repnz / windows-inspector
A driver to intercept low level windows events
☆62Updated 5 years ago
Alternatives and similar repositories for windows-inspector:
Users that are interested in windows-inspector are comparing it to the libraries listed below
- Debug Print viewer (user and kernel)☆65Updated last year
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- ☆30Updated 4 years ago
- Implementation of a dispatcher for Structured Exceptions inside a Vectored Exception Handler☆40Updated 5 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 6 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆94Updated 3 weeks ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- Blog posts☆30Updated 4 years ago
- ☆28Updated 6 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- c++ implementation of windows heavens gate☆68Updated 4 years ago
- ☆67Updated 4 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆104Updated 4 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆48Updated 4 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆95Updated 6 years ago
- Example of hijacking system calls via function pointer tables☆32Updated 3 years ago
- x64 syscall caller in C++.☆86Updated 6 years ago
- Documenting system information classes and their uses☆50Updated 3 years ago
- Code injection by hijacking threads in Windows 32-bit applications☆43Updated 6 years ago
- A simple rootkit to hide a process☆46Updated 11 years ago
- ☆36Updated 5 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- Miscellaneous Code and Docs☆75Updated last year
- Static Library For Windows Drivers☆33Updated this week
- A packed & protected Module Loader and more, for 64-bit Windows☆28Updated 3 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Updated 4 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆77Updated 5 years ago
- Signature scanner and API hooks to detect malicious process injection☆25Updated last year
- Anti-Anti-VM solution via Windows Driver☆57Updated 6 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆74Updated 14 years ago