Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
☆415Jan 2, 2020Updated 6 years ago
Alternatives and similar repositories for windows_kernel_resources
Users that are interested in windows_kernel_resources are comparing it to the libraries listed below
Sorting:
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆633Jul 7, 2017Updated 8 years ago
- Simple library to spray the Windows Kernel Pool☆110Jan 6, 2020Updated 6 years ago
- Cross Platform Kernel Fuzzer Framework☆457Oct 11, 2018Updated 7 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆266Jul 6, 2017Updated 8 years ago
- Windows Kernel Drivers fuzzer☆378Mar 15, 2017Updated 8 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆96Nov 4, 2021Updated 4 years ago
- This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows☆466Apr 17, 2018Updated 7 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,946Feb 24, 2025Updated last year
- Toolkit for Hyper-V security research☆157Mar 7, 2022Updated 3 years ago
- windows syscall table from xp ~ 10 rs4☆356Jun 8, 2018Updated 7 years ago
- Python solutions for the HackSysTeam Extreme Vulnerable Driver☆152Mar 20, 2021Updated 4 years ago
- Some kernel fuzzing paper about windows and linux☆255Oct 9, 2017Updated 8 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆126Jan 15, 2019Updated 7 years ago
- Automated Exploit generation with WinDBG☆190Oct 18, 2016Updated 9 years ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.☆372Jan 8, 2020Updated 6 years ago
- Hypervisor based tool for monitoring system register accesses.☆154Sep 13, 2018Updated 7 years ago
- WinDBG Anti-RootKit Extension☆645Jul 29, 2020Updated 5 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆747Jun 26, 2017Updated 8 years ago
- DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects☆148Jul 30, 2017Updated 8 years ago
- PEDA-like debugger UI for WinDbg☆206Mar 29, 2024Updated last year
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆215Jul 2, 2020Updated 5 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆138Nov 28, 2015Updated 10 years ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆166Oct 5, 2022Updated 3 years ago
- Any useful windbg plugins I've written.☆117Apr 10, 2018Updated 7 years ago
- Content from presentation at BHUSA 2017☆180Jul 27, 2017Updated 8 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆136Feb 15, 2019Updated 7 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆310Feb 24, 2019Updated 7 years ago
- Incident Response & Digital Forensics Debugging Extension☆389Dec 11, 2018Updated 7 years ago
- Hypervisor-based debugger☆191Dec 2, 2020Updated 5 years ago
- Monitor activity of any driver☆353Nov 2, 2020Updated 5 years ago
- ☆91Jul 31, 2019Updated 6 years ago
- ☆408Mar 1, 2017Updated 8 years ago
- ☆63Apr 13, 2017Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Windows kernel vulnerability in win32k.sys Driver☆35Dec 6, 2015Updated 10 years ago
- Security Research from the Microsoft Security Response Center (MSRC)☆1,379Aug 8, 2024Updated last year
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago