therealdreg / masm32-kernel-programming
masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
☆115Updated last year
Related projects ⓘ
Alternatives and complementary repositories for masm32-kernel-programming
- Recon 2023 slides and code☆78Updated last year
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆148Updated 10 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆109Updated 3 months ago
- ☆104Updated this week
- Writeups for CTF challenges☆30Updated 11 months ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆121Updated 2 years ago
- How to retro theme your Ghidra☆28Updated last week
- My notes while studying Windows exploitation☆184Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆113Updated last year
- Advanced driver monitoring utility.☆201Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆237Updated 6 months ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆236Updated 2 years ago
- x86/x64 Ring 0/-2 System Freezer/Debugger☆111Updated 3 weeks ago
- Single header version of System Informer's phnt library.☆184Updated last week
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆111Updated this week
- A tutorial on how to write a packer for Windows!☆245Updated 10 months ago
- Small tool to convert beteween the PE alignments (raw and virtual).☆81Updated last year
- A dynamic unpacking tool☆128Updated last year
- Static Binary Instrumentation tool for Windows x64 executables☆180Updated last week
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆101Updated 4 months ago
- Simple x86/x64 Assembler/Disassembler/Emulator☆168Updated 3 months ago
- A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.☆85Updated last year
- MalUnpack companion driver☆92Updated 4 months ago
- Abusing exceptions for code execution.☆106Updated last year
- ☆131Updated last year
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆221Updated 2 years ago
- Process Injection using Thread Name☆239Updated 2 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆114Updated 2 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆111Updated 2 months ago