I was challenged by a friend to list all the processes and drivers in a system using more "unusual" methods. By doing this I learned quite a lot about the windows internals. To be specific I learned a lot about the undocumented structures and functions in the NTAPI.
☆14Jul 12, 2016Updated 9 years ago
Alternatives and similar repositories for UndocumentedNTAPI
Users that are interested in UndocumentedNTAPI are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Leveraging Platform Trust Technology (PTT) to defeat Driver Signing Enforcement (DSE) to run Kernel Drivers (KMDF) with Secure Boot Enabl…☆14Aug 22, 2022Updated 3 years ago
- Exploit PoC for CVE's and non CVE's alike☆22Jul 24, 2020Updated 5 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Mar 12, 2024Updated 2 years ago
- A C# implementation that disables Windows Firewall bypassing UAC☆18Oct 23, 2024Updated last year
- Simple ReShade injector | reshade.me☆12Jul 27, 2017Updated 8 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆152Mar 7, 2026Updated last month
- Function hooks in Windows NT Kernel☆26Oct 13, 2020Updated 5 years ago
- Two PoC of accessing process virtual memory via NT Kernel☆22Jun 25, 2021Updated 4 years ago
- rust's std::result re-implemented in c++☆12Jan 8, 2022Updated 4 years ago
- just another windows dll loader with fancy gui, compatible both for 64 and 32 bit proccesses. (tested from windows 7 to 10)☆11Feb 1, 2020Updated 6 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 10 months ago
- XOrCryptEx lightweight C Utility/Algorithm☆13Mar 3, 2022Updated 4 years ago
- Writes a custom message to your master boot record, inspired by XKCD☆16Apr 9, 2015Updated 11 years ago
- BottlEye is a usermode emulator for the popular anti-cheat BattlEye☆52Jul 7, 2020Updated 5 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- C & Shellcode Playground..☆10Dec 2, 2017Updated 8 years ago
- search for a driver/dll module that has a wanted section bigger than the size of your image☆20Aug 14, 2021Updated 4 years ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆43Jun 10, 2025Updated 10 months ago
- ☆34Apr 11, 2023Updated 3 years ago
- An simplest PE parser, which list all import and export entries☆12Oct 11, 2018Updated 7 years ago
- Incident Response Collections☆11Jul 24, 2018Updated 7 years ago
- FAUCET is an OpenFlow controller for multi table OpenFlow 1.3 switches, that implements layer 2 switching, VLANs, ACLs, and layer 3 IPv4 …☆14Nov 18, 2019Updated 6 years ago
- Zerokit shared code☆17Mar 28, 2019Updated 7 years ago
- DUQU MALWARE SOURCE + BINARY + More coming☆14Feb 6, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Test/benchmark of using 32-bit pointers in 64-bit code on Windows. Not an actual ABI, only inspired by Linux's x32 ABI.☆13Jun 7, 2019Updated 6 years ago
- A cryptography module for the game Garry's Mod that uses Crypto++.☆16May 29, 2023Updated 2 years ago
- Results of a recent FOIA for NIST documents related to the design of Dual EC DRBG. Via EFF and Rep. Grayson's office. See README for deta…☆24Feb 10, 2015Updated 11 years ago
- Binary Deobfuscation Series☆21Nov 20, 2019Updated 6 years ago
- ntoskrnl .data hooks for UM-KM communication☆52May 26, 2024Updated last year
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 10 months ago
- ☆132Oct 2, 2024Updated last year
- an iSCSI demo driver for Windows☆12Sep 21, 2015Updated 10 years ago
- ☆27Oct 18, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- Analyze Windows Systems for common and unique vulnerabilities☆11Jul 6, 2022Updated 3 years ago
- use windows ntdll api easily,☆23May 12, 2015Updated 10 years ago
- Windows Research Kernel☆37Sep 22, 2025Updated 7 months ago
- An emulator of the i386 computer system, composed of i386 cpu, ram and peripheral devices.☆14Feb 24, 2019Updated 7 years ago
- Extended library for using direct system calls on windows☆17Feb 6, 2022Updated 4 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago