Windows kernel-mode callbacks tutorial driver
☆48Aug 8, 2016Updated 9 years ago
Alternatives and similar repositories for cbtest
Users that are interested in cbtest are comparing it to the libraries listed below
Sorting:
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Spoof Windows Test Signing Mode☆29Oct 13, 2018Updated 7 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it☆29Dec 5, 2017Updated 8 years ago
- analyze the content of the pe file on windows, and shell(pack) function for windows drivers.☆11Nov 9, 2018Updated 7 years ago
- Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.☆48Nov 9, 2014Updated 11 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆69Nov 14, 2016Updated 9 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Mar 15, 2015Updated 10 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- Windows Kernel Driver - Create a driver device in TDI layer of windows kernel to capture network data packets☆36Jul 21, 2014Updated 11 years ago
- windows kernel File redirection☆20Sep 21, 2014Updated 11 years ago
- more at http://www.zer0mem.sk/?p=271☆12Jun 11, 2013Updated 12 years ago
- ☆17Oct 24, 2016Updated 9 years ago
- Wow64 syscall hook☆43May 28, 2017Updated 8 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Mar 13, 2017Updated 8 years ago
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Jan 24, 2011Updated 15 years ago
- A kernel level anti-rootkit tool which runs on the windows platform.☆92Apr 18, 2014Updated 11 years ago
- Windows Kernel Mode PCRE☆10Feb 4, 2015Updated 11 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- A couple of little tools I've made for working with Windows Drivers☆15Jan 18, 2016Updated 10 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆64Oct 29, 2012Updated 13 years ago
- MIR-Engine☆23Jul 6, 2017Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- Enumerates very, very large directories quickly by directly using kernel syscalls. For POSIX and Windows. WARNING THIS IS OBSOLETE. USE B…☆15Aug 13, 2014Updated 11 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆36May 4, 2016Updated 9 years ago
- Windows API hooking project to log all the windows / UIs with the exact timestamp when they are opened.☆15May 1, 2021Updated 4 years ago
- Modify process handle permissions☆61Nov 30, 2016Updated 9 years ago
- ☆27May 27, 2017Updated 8 years ago
- Evil Reflective DLL Injection Finder☆47Nov 23, 2018Updated 7 years ago
- Windows Kernel Template Library☆114Sep 13, 2022Updated 3 years ago
- XDK is a fully featured C++ wrapper library for Windows kernel development☆21Jan 20, 2016Updated 10 years ago
- Automatically exported from code.google.com/p/guardlite☆11Jul 2, 2015Updated 10 years ago
- Vulnerable Windows Driver with exploits which were used for demonstration purposes on Hunting and exploiting bugs in kernel drivers prese…☆13Jan 29, 2013Updated 13 years ago
- Disable Driver Callbacks☆104Oct 16, 2017Updated 8 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Oct 12, 2018Updated 7 years ago
- 内核级ARK工具。☆62Aug 1, 2016Updated 9 years ago
- Tool that dumps beacon frames to a pcap file. Works on Windows Vista or Later with any Wireless Card.☆27Mar 19, 2022Updated 3 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆39Mar 15, 2017Updated 8 years ago