Alternatives and similar repositories for windows-nt-file-system-internals-book

Users that are interested in windows-nt-file-system-internals-book are comparing it to the libraries listed below

• alfarom256 / MinifilterResearch
  ☆16Updated 3 years ago
• gabriellandau / CISpotter
  Code Integrity Violation Spotter
  ☆17Updated last year
• omerk2511 / NotifyRoutinesResearch
  A research project about Windows notify routines.
  ☆38Updated 5 years ago
• Air14 / SmmLoader
  Runtime smm module loader
  ☆35Updated 3 years ago
• OSRDrivers / WDF-I
  Writing WDF Drivers I: Core Concepts Lab Material
  ☆53Updated 2 years ago
• therealdreg / symseghelper
  Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode
  ☆19Updated 2 years ago
• ioncodes / rw
  allowing um r/w through km from um ioctl ™
  ☆11Updated 4 years ago
• KelvinMsft / TechMyths
  ☆18Updated 2 years ago
• shareef12 / driveranalyzer
  Binary Ninja plugin to perform automated analysis of Windows drivers
  ☆20Updated 6 years ago
• hfiref0x / Misc
  Miscellaneous Code and Docs
  ☆84Updated 6 months ago
• kukrimate / grr
  AMD SVM hypervisor rootkit proof of concept
  ☆48Updated 2 years ago
• malware-unicorn / pteroioctl-hook
  A driver to implement IOCTL hooking
  ☆27Updated 3 years ago
• tandasat / ia32-doc
  IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
  ☆18Updated 3 years ago
• hugsy / modern-cpp-windows-driver-template
  Windows driver template, using C++20 & cmake & GithubActions
  ☆24Updated last year
• irql / carboot
  x86_64, PE32+, FAT32 bootloader
  ☆26Updated 4 years ago
• un4ckn0wl3z / PCIE-Detector
  Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
  ☆37Updated last year
• therealdreg / auxlib
  Full reversing of the Microsoft Auxiliary Windows API Library and ported to C
  ☆24Updated last year
• Zhuagenborn / Windows-x86-Debugger
  🐞 A simple Windows x86 debugging framework written in C++20 that supports software breakpoints and hardware breakpoints. It can be used …
  ☆13Updated 9 months ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆63Updated last year
• jxy-s / vfdynf
  Application Verifier Dynamic Fault Injection
  ☆40Updated this week
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆53Updated last year
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆27Updated 2 years ago
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 3 years ago
• b-irb / sauron
  Simple Intel VT-x type-2 hypervisor for 64-bit Linux.
  ☆20Updated 5 years ago
• Deputation / syscall_extractor
  A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.
  ☆21Updated 4 years ago
• r0keb / MunIntel
  kASLR bypass technique on Intel CPUs.
  ☆32Updated 7 months ago
• thejanit0r / x86_dasm
  Lightweight x86-64 disassembling library
  ☆44Updated 3 years ago
• yjugl / mitimon
  Monitor ETW events for Windows process mitigation policies, with stack traces
  ☆31Updated 3 years ago
• zodiacon / DllIconHandler
  Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install
  ☆37Updated last year
• vitoplantamura / BugChecker2002
  SoftICE-like debugger for Windows 2000 and XP. Archived.
  ☆19Updated 3 years ago