tpn / windows-nt-file-system-internals-book
Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.
☆20 · Jul 31, 2019 · Updated 6 years ago
Alternatives and similar repositories for windows-nt-file-system-internals-book
Users that are interested in windows-nt-file-system-internals-book are comparing it to the libraries listed below
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2. ☆21 · May 25, 2021 · Updated 4 years ago
- An example of Windows NT Native API application and kernel driver ☆22 · Feb 10, 2020 · Updated 6 years ago
- From 2011: Quickly search for files in NTFS volumes parsing the Master File Table (MFT). A decent amount of how NTFS and MFT work was pai… ☆29 · Oct 14, 2019 · Updated 6 years ago
- Bypassing kernel patch protection runtime ☆21 · Feb 19, 2023 · Updated 2 years ago
- Walks the Process' VAD list to grab the PTEs corresponding to a usermode virtual address, all to get the physical address ☆23 · Nov 22, 2021 · Updated 4 years ago
- Code for Windows Kernel Security and Driver Development ☆12 · Apr 4, 2020 · Updated 5 years ago
- Windows Kernel API wrapper with simplified functions and enterprise driver extensions. ☆31 · Jul 8, 2025 · Updated 7 months ago
- clearing traces of a loaded driver ☆47 · Jul 2, 2022 · Updated 3 years ago
- Ready-to-use headers for Windows Kernel SSDT indices ☆11 · Apr 12, 2020 · Updated 5 years ago
- Runtime smm module loader ☆35 · Jan 12, 2023 · Updated 3 years ago
- Intraceptor intercepts Windows NT API calls and redirects them to a kernel driver to bypass process/threads handle protections. ☆32 · May 18, 2022 · Updated 3 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 · Oct 7, 2022 · Updated 3 years ago
- Extended library for using direct system calls on windows ☆17 · Feb 6, 2022 · Updated 4 years ago
- What makes it page ☆17 · Aug 24, 2022 · Updated 3 years ago
- A test project to try the new win32k.sys system call filtering mitigation in Windows 10 ☆15 · Mar 17, 2019 · Updated 6 years ago
- ☆33 · Dec 22, 2020 · Updated 5 years ago
- A simple Intel VT code that supports both x86 & x64. PatchGuard monitor. ☆77 · Oct 28, 2021 · Updated 4 years ago
- A simple windows driver that can read and write to process memory from kernel mode ☆11 · Aug 31, 2021 · Updated 4 years ago
- Hooking Heavens Gate in a weekend ☆13 · Jan 1, 2022 · Updated 4 years ago
- Some drivers I've written while solving exercises from Practical Reverse Engineering ☆15 · Jan 9, 2022 · Updated 4 years ago
- File encryption based on DES and blowfish ☆15 · May 29, 2025 · Updated 8 months ago
- Microsoft Windows real time file integrity monitoring and filtering using minifilter technology; this was my university final project ☆11 · Oct 17, 2014 · Updated 11 years ago
- Basic experimentation with Windows drivers. ☆17 · Mar 3, 2023 · Updated 2 years ago
- ☆20 · Mar 15, 2023 · Updated 2 years ago
- Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right a… ☆33 · May 21, 2019 · Updated 6 years ago
- SoftICE-like debugger for Windows 2000 and XP. Archived. ☆19 · Dec 23, 2022 · Updated 3 years ago
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- ☆21 · Jun 3, 2021 · Updated 4 years ago
- Example code for CiGetCertPublisherName ☆17 · Mar 24, 2022 · Updated 3 years ago
- a loadable windows disk filter driver ☆16 · Nov 24, 2012 · Updated 13 years ago
- Illustrates the concept of return address spoofing, and how it is used. ☆14 · May 13, 2020 · Updated 5 years ago
- Decoder for VMProtect hwids ☆17 · Aug 1, 2022 · Updated 3 years ago
- ☆16 · Oct 31, 2022 · Updated 3 years ago
- ☆17 · Dec 18, 2022 · Updated 3 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware ☆37 · Feb 11, 2021 · Updated 5 years ago
- ☆53 · Dec 21, 2022 · Updated 3 years ago
- Demo to show how to write ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- A UEFI extraction tool ☆24 · Nov 3, 2024 · Updated last year
- Companion code for Inside OLE 2nd Edition, published in 1995 ☆20 · Aug 6, 2022 · Updated 3 years ago