trailofbits / WinDbg-JSLinks
☆25Updated last year
Alternatives and similar repositories for WinDbg-JS
Users that are interested in WinDbg-JS are comparing it to the libraries listed below
Sorting:
- Winbindex bot to pull in binaries for specific releases☆48Updated 2 years ago
- Extract data of TTD trace file to a minidump☆30Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- ☆32Updated last year
- Windows kernel PDB data parsed into YAML☆41Updated 10 months ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated 2 years ago
- A few examples of how to trap virtual memory access on Windows.☆34Updated 9 months ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆40Updated last year
- ☆85Updated last year
- ☆18Updated 4 years ago
- ☆71Updated 2 years ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆48Updated 3 weeks ago
- ☆26Updated 3 years ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆83Updated 2 years ago
- really ?☆12Updated last year
- Command like tool to print mitigation flags for running processes in a memory dump☆47Updated 5 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆41Updated 3 months ago
- the Open Source and Pure C++ Packer for eXecutables☆21Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆27Updated 2 years ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆31Updated 3 years ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Updated 2 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Updated 2 years ago
- Windows process injection methods☆18Updated 6 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆112Updated 2 years ago
- A C++ PoC implementation for enumerating Windows Fibers directly from memory☆20Updated last year
- anti-ransomware file-system filter☆62Updated last year
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 3 years ago
- ☆70Updated 7 months ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Updated 5 years ago