waleedassar/RestrictedKernelLeaks external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

waleedassar/RestrictedKernelLeaks

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/waleedassar/RestrictedKernelLeaks)

Close

waleedassar / RestrictedKernelLeaksView on GitHubMore

• External links
• Readme badge

☆165Sep 18, 2021Updated 4 years ago

Alternatives and similar repositories for RestrictedKernelLeaks

Users that are interested in RestrictedKernelLeaks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• waleedassar / SyscallNumberFinder

  View on GitHub
  ☆32Sep 24, 2021Updated 4 years ago
• yardenshafir / PoolViewer

  View on GitHub
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆150Mar 2, 2023Updated 3 years ago
• VoidSec / ioctlpus

  View on GitHub
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆99Dec 20, 2021Updated 4 years ago
• vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation

  View on GitHub
  Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
  ☆261Sep 1, 2022Updated 3 years ago
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆506May 18, 2021Updated 5 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• yardenshafir / KernelDataStructureFinder

  View on GitHub
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆66Apr 4, 2020Updated 6 years ago
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆666Jan 28, 2025Updated last year
• gdabah / win32k-bugs

  View on GitHub
  Dump of win32k POCs for bugs I've found
  ☆378Mar 6, 2022Updated 4 years ago
• hugsy / CFB

  View on GitHub
  CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.
  ☆334Mar 26, 2024Updated 2 years ago
• kkent030315 / PageTableInjection

  View on GitHub
  Code Injection, Inject malicious payload via pagetables pml4.
  ☆244Jul 7, 2021Updated 4 years ago
• gerhart01 / Hyper-V-Internals

  View on GitHub
  Internals information about Hyper-V
  ☆739May 6, 2026Updated 2 weeks ago
• hugsy / windbg_js_scripts

  View on GitHub
  Toy scripts for playing with WinDbg JS API
  ☆244Jul 8, 2024Updated last year
• theori-io / v8-sbx-bypass-wasm

  View on GitHub
  ☆40Jan 26, 2024Updated 2 years ago
• kkent030315 / NoPatchGuardCallback

  View on GitHub
  x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
  ☆207May 27, 2021Updated 4 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion

  View on GitHub
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆211Jul 2, 2020Updated 5 years ago
• yardenshafir / cet-research

  View on GitHub
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆93Oct 6, 2020Updated 5 years ago
• hugsy / defcon_27_windbg_workshop

  View on GitHub
  DEFCON 27 workshop - Modern Debugging with WinDbg Preview
  ☆747Nov 1, 2024Updated last year
• kkent030315 / NtSymbol

  View on GitHub
  Resolve DOS MZ executable symbols at runtime
  ☆97Nov 12, 2021Updated 4 years ago
• sam-b / windows_kernel_address_leaks

  View on GitHub
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆639Jul 7, 2017Updated 8 years ago
• Air14 / KDBGDecryptor

  View on GitHub
  A simple example how to decrypt kernel debugger data block
  ☆32Feb 8, 2021Updated 5 years ago
• passthehashbrowns / hiding-your-syscalls

  View on GitHub
  Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…
  ☆219Feb 20, 2023Updated 3 years ago
• VollRagm / PTView

  View on GitHub
  Browse Page Tables on Windows (Page Table Viewer)
  ☆239Apr 2, 2022Updated 4 years ago
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆221Apr 9, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• VoidSec / DriverBuddyReloaded

  View on GitHub
  Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
  ☆422Jul 4, 2025Updated 10 months ago
• LloydLabs / delete-self-poc

  View on GitHub
  A way to delete a locked file, or current running executable, on disk.
  ☆620Nov 5, 2025Updated 6 months ago
• ioncodes / pooldump

  View on GitHub
  ☆31Jan 12, 2022Updated 4 years ago
• NtRaiseHardError / Sysmon

  View on GitHub
  Sysmon shenanigans
  ☆66Oct 9, 2020Updated 5 years ago
• commial / ttd-bindings

  View on GitHub
  Bindings for Microsoft WinDBG TTD
  ☆240Aug 5, 2023Updated 2 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆270Aug 31, 2022Updated 3 years ago
• yardenshafir / MitigationFlagsCliTool

  View on GitHub
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆48Sep 18, 2020Updated 5 years ago
• hasherezade / process_ghosting

  View on GitHub
  Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…
  ☆694Mar 11, 2024Updated 2 years ago
• waleedassar / SyscallNumberExtractor

  View on GitHub
  ☆24Sep 26, 2021Updated 4 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• namazso / msvcrt.lib

  View on GitHub
  .lib file for linking against the NT CRT
  ☆19Mar 18, 2022Updated 4 years ago
• zodiacon / KernelObjectView

  View on GitHub
  View handles and object for each object type
  ☆67Sep 1, 2019Updated 6 years ago
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆242Nov 6, 2019Updated 6 years ago
• am0nsec / wspe

  View on GitHub
  Windows System Programming Experiments
  ☆221Jun 13, 2022Updated 3 years ago
• hasherezade / transacted_hollowing

  View on GitHub
  Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
  ☆584Mar 8, 2024Updated 2 years ago
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads

  View on GitHub
  NT AUTHORITY\SYSTEM
  ☆43Jul 8, 2020Updated 5 years ago
• yardenshafir / DpcWait

  View on GitHub
  Driver demonstrating how to register a DPC to asynchronously wait on an object
  ☆51Jan 15, 2021Updated 5 years ago