Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.
☆20Jul 31, 2019Updated 6 years ago
Alternatives and similar repositories for windows-nt-file-system-internals-book
Users that are interested in windows-nt-file-system-internals-book are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- An example of Windows NT Native API application and kernel driver☆22Feb 10, 2020Updated 6 years ago
- From 2011: Quickly search for files in NTFS volumes parsing the Master File Table (MFT). A decent amount of how NTFS and MFT work was pai…☆29Oct 14, 2019Updated 6 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Extended library for using direct system calls on windows☆17Feb 6, 2022Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆31May 18, 2022Updated 3 years ago
- Windows Kernel API wrapper with simplified functions and enterprise driver extensions.☆33Jul 8, 2025Updated 8 months ago
- Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right a…☆33May 21, 2019Updated 6 years ago
- windows内核安全与驱动开发代码☆12Apr 4, 2020Updated 5 years ago
- Bypassing kernel patch protection runtime☆22Feb 19, 2023Updated 3 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆15Jan 9, 2022Updated 4 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆21Jun 3, 2021Updated 4 years ago
- Basic experimentation with Windows drivers.☆17Mar 3, 2023Updated 3 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10☆15Mar 17, 2019Updated 7 years ago
- Runtime smm module loader☆37Jan 12, 2023Updated 3 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆78Oct 28, 2021Updated 4 years ago
- Companion code for Inside OLE 2nd Edition, published in 1995☆20Aug 6, 2022Updated 3 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- An example code of CiGetCertPublisherName☆16Mar 24, 2022Updated 4 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆25Aug 9, 2024Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆17Oct 31, 2022Updated 3 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Some set of scripts to unpack odin packets into separate files !!! Migrated to Codeberg !!!☆13Oct 9, 2023Updated 2 years ago
- A driver loader for Windows NT using NtLoadDriver()☆24Aug 30, 2015Updated 10 years ago
- ☆20Mar 15, 2023Updated 3 years ago
- ☆33Dec 22, 2020Updated 5 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- ☆54Dec 21, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆23May 8, 2023Updated 2 years ago
- Illustrates the concept of return address spoofing, and how it is used.☆14May 13, 2020Updated 5 years ago
- Source files for my posts☆17Jun 20, 2023Updated 2 years ago
- Function hooks in Windows NT Kernel☆26Oct 13, 2020Updated 5 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- Microsoft Windows real time file integrity monitoring and filtering using minifilter technology, this is was my university final project☆11Oct 17, 2014Updated 11 years ago
- A UEFI extraction tool☆25Nov 3, 2024Updated last year