therealdreg / auxlib

Related projects: ⓘ

• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆19Updated last year
• AaLl86 / retroware
  This repository contains some tools that I have written in the past
  ☆25Updated 10 months ago
• JKornev / NTlib
  Static library and headers for linking your software with ntdll.dll
  ☆30Updated 4 years ago
• JKornev / cfgdump
  Windbg extension that allows you analyze Control Flow Guard map
  ☆34Updated 2 years ago
• tandasat / hyperplatform_log_parser
  User-mode program parsing logs created by HyperPlatform
  ☆18Updated 8 years ago
• OSRDrivers / penter
  penter hook example and driver time recorder
  ☆28Updated 6 years ago
• OSRDrivers / windbg-exts
  Various WinDbg extensions and scripts
  ☆31Updated 6 years ago
• binbibi / libedge
  Microsoft Edge Microsoft Edge主页算法
  ☆18Updated 5 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆18Updated 8 years ago
• zodiacon / AccessMask
  ☆18Updated 5 years ago
• BrunoMCBraga / Kernel-Whisperer
  ☆27Updated 3 years ago
• mudlord / mupack
  ☆23Updated this week
• zodiacon / DeviceExplorer
  ☆38Updated last year
• lowleveldesign / lldext
  My commands and scripts extending WinDbg
  ☆28Updated last week
• AzureGreen / WinNT-Learning
  Notes my learning steps about Windows-NT
  ☆22Updated 7 years ago
• mq1n / Wow64SyscallHook
  Wow64 syscall hook
  ☆39Updated 7 years ago
• pstolarz / asprext
  ASProtect reverse engineering & analysis WinDbg extension
  ☆20Updated 3 years ago
• Nukem9 / VMWareClient
  Reverse engineered vmware workstation code to aid in kernel debugging.
  ☆14Updated 8 years ago
• Mattiwatti / WinMain-is-usually-a-function
  Windows NT port of 'Main is usually a function. So then when is it not?'
  ☆24Updated 6 months ago
• zodiacon / InfStudio
  INF Studio for easier working with driver installation files
  ☆36Updated 10 months ago
• zodiacon / ErrorLookup
  Simple error lookup for Win32 and NTSTATUS errors
  ☆17Updated 5 years ago
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆49Updated 6 months ago
• DownWithUp / WhoCalls_C
  WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit…
  ☆17Updated 2 years ago
• AndreyBazhan / DbgPkg
  Scripts to prepare Windows system for debugging.
  ☆29Updated 3 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 7 years ago
• Microwave89 / drvtricks
  drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.
  ☆31Updated 6 years ago
• wolk-1024 / WoW64Utils
  WoW64 -> x64
  ☆18Updated 7 years ago
• AntiRootkit / BDArkit
  just an lite AntiRootkit for interesting
  ☆23Updated 8 years ago
• Speedi13 / NsiAllocateAndGetTable-used-from-GetTcpTableInternal
  Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64
  ☆18Updated 6 years ago
• KelvinMsft / ScreenCapAttack
  ☆32Updated 3 years ago