Exploring Windows Internals.
☆64Aug 18, 2020Updated 5 years ago
Alternatives and similar repositories for windows-internals
Users that are interested in windows-internals are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆36Jun 25, 2019Updated 6 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Jun 21, 2020Updated 5 years ago
- Yet another windows syscall library☆18Jun 22, 2020Updated 5 years ago
- ☆19Jun 20, 2019Updated 6 years ago
- ☆39Oct 29, 2020Updated 5 years ago
- displays processes, modules and memory layout☆17Aug 4, 2020Updated 5 years ago
- Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected☆37Dec 10, 2018Updated 7 years ago
- Hide codes/data in the kernel address space.☆188May 8, 2021Updated 4 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆58Sep 12, 2019Updated 6 years ago
- ☆31Jul 27, 2020Updated 5 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆105May 14, 2020Updated 5 years ago
- win10 pgContext dynamic dump (btc version)☆110Jan 15, 2020Updated 6 years ago
- ☆69Dec 17, 2020Updated 5 years ago
- Open Course for diving security internal☆52Nov 11, 2019Updated 6 years ago
- ☆18Oct 12, 2014Updated 11 years ago
- x86/x64 dll injector☆31May 17, 2022Updated 3 years ago
- Research on Windows Kernel Executive Callback Objects☆316Feb 22, 2020Updated 6 years ago
- fix vmprotect import function used unicorn-engine.☆99Apr 4, 2023Updated 2 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- a frame of amd-v svm nest☆53Apr 7, 2020Updated 5 years ago
- A documented Windows x64 bit Usermode Injector that works via hooking IAT and hijacking its threads to execute shellcode.☆65Aug 31, 2023Updated 2 years ago
- ☆15Oct 7, 2020Updated 5 years ago
- A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.☆27Jan 7, 2020Updated 6 years ago
- An easy to use modern C++14/17 async cross-platform logger which supports custom formatting/patterns, colored output, Unicode, file loggi…☆26May 15, 2020Updated 5 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆56Jul 8, 2022Updated 3 years ago
- ☆116Oct 1, 2019Updated 6 years ago
- ayy debuger☆90Mar 3, 2024Updated 2 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆118Jan 21, 2025Updated last year
- ☆14Oct 5, 2019Updated 6 years ago
- Communication via callback☆73Oct 9, 2019Updated 6 years ago
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial☆16Jun 22, 2019Updated 6 years ago
- Lightweight WINAPI tracing with Pin☆27Aug 22, 2019Updated 6 years ago
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆332Mar 26, 2024Updated last year
- ☆163Oct 29, 2020Updated 5 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆151Mar 2, 2023Updated 3 years ago