Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
☆415Jan 2, 2020Updated 6 years ago
Alternatives and similar repositories for windows_kernel_resources
Users that are interested in windows_kernel_resources are comparing it to the libraries listed below
Sorting:
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆634Jul 7, 2017Updated 8 years ago
- Cross Platform Kernel Fuzzer Framework☆457Oct 11, 2018Updated 7 years ago
- Simple library to spray the Windows Kernel Pool☆110Jan 6, 2020Updated 6 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆266Jul 6, 2017Updated 8 years ago
- Windows Kernel Drivers fuzzer☆378Mar 15, 2017Updated 9 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,965Feb 24, 2025Updated last year
- A Fuzzer for Windows NDIS Drivers OID Handlers☆96Nov 4, 2021Updated 4 years ago
- Some kernel fuzzing paper about windows and linux☆255Oct 9, 2017Updated 8 years ago
- Python solutions for the HackSysTeam Extreme Vulnerable Driver☆152Mar 20, 2021Updated 5 years ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆167Oct 5, 2022Updated 3 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆126Jan 15, 2019Updated 7 years ago
- windows syscall table from xp ~ 10 rs4☆356Jun 8, 2018Updated 7 years ago
- Toolkit for Hyper-V security research☆158Mar 7, 2022Updated 4 years ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.☆372Jan 8, 2020Updated 6 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- ☆91Jul 31, 2019Updated 6 years ago
- This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows☆466Apr 17, 2018Updated 7 years ago
- kernel pool windbg extension☆83Jul 23, 2015Updated 10 years ago
- DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects☆147Jul 30, 2017Updated 8 years ago
- A windbg extension, extracting token related contents☆41Dec 23, 2020Updated 5 years ago
- WinDBG Anti-RootKit Extension☆646Jul 29, 2020Updated 5 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆748Jun 26, 2017Updated 8 years ago
- Any useful windbg plugins I've written.☆117Apr 10, 2018Updated 7 years ago
- 0CCh Windbg extension: include some useful commands☆114Aug 1, 2023Updated 2 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆136Feb 15, 2019Updated 7 years ago
- Incident Response & Digital Forensics Debugging Extension☆393Dec 11, 2018Updated 7 years ago
- Hypervisor based tool for monitoring system register accesses.☆154Sep 13, 2018Updated 7 years ago
- ☆50Jun 1, 2017Updated 8 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆214Jul 2, 2020Updated 5 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆138Nov 28, 2015Updated 10 years ago
- A dirty IDAPython script to dump windows system call number/name pairs as JSON☆36Feb 13, 2017Updated 9 years ago
- Automated Exploit generation with WinDBG☆190Oct 18, 2016Updated 9 years ago
- Content from presentation at BHUSA 2017☆180Jul 27, 2017Updated 8 years ago
- Hypervisor-based debugger☆191Dec 2, 2020Updated 5 years ago
- Security Research from the Microsoft Security Response Center (MSRC)☆1,379Aug 8, 2024Updated last year
- ☆63Apr 13, 2017Updated 8 years ago
- ☆151Jan 7, 2020Updated 6 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆310Feb 24, 2019Updated 7 years ago