I was challenged by a friend to list all the processes and drivers in a system using more "unusual" methods. By doing this, I learned quite a lot about Windows internals. To be specific, I learned a lot about the undocumented structures and functions in the NTAPI.
☆14 · Jul 12, 2016 · Updated 9 years ago
Alternatives and similar repositories for UndocumentedNTAPI
Users that are interested in UndocumentedNTAPI are comparing it to the libraries listed below
- Intraceptor intercepts Windows NT API calls and redirects them to a kernel driver to bypass process/threads handle protections. ☆32 · May 18, 2022 · Updated 3 years ago
- Leveraging Platform Trust Technology (PTT) to defeat Driver Signing Enforcement (DSE) to run Kernel Drivers (KMDF) with Secure Boot Enabl… ☆14 · Aug 22, 2022 · Updated 3 years ago
- Exploit PoC for CVEs and non-CVEs alike ☆22 · Jul 24, 2020 · Updated 5 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Works under Windows 7, 8 and 10 ☆53 · Mar 12, 2024 · Updated 2 years ago
- A C# implementation that disables Windows Firewall bypassing UAC ☆17 · Oct 23, 2024 · Updated last year
- Simple ReShade injector | reshade.me ☆12 · Jul 27, 2017 · Updated 8 years ago
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h ☆150 · Mar 7, 2026 · Updated 2 weeks ago
- Function hooks in Windows NT Kernel ☆27 · Oct 13, 2020 · Updated 5 years ago
- Two PoC of accessing process virtual memory via NT Kernel ☆22 · Jun 25, 2021 · Updated 4 years ago
- Just another Windows DLL loader with a fancy GUI, compatible with both 64- and 32-bit processes (tested from Windows 7 to 10) ☆11 · Feb 1, 2020 · Updated 6 years ago
- Component Services Volatile Environment LPE ☆12 · Jun 28, 2025 · Updated 8 months ago
- XOrCryptEx lightweight C Utility/Algorithm ☆11 · Mar 3, 2022 · Updated 4 years ago
- Writes a custom message to your master boot record, inspired by XKCD ☆16 · Apr 9, 2015 · Updated 10 years ago
- BottlEye is a usermode emulator for the popular anti-cheat BattlEye ☆52 · Jul 7, 2020 · Updated 5 years ago
- C & Shellcode Playground ☆10 · Dec 2, 2017 · Updated 8 years ago
- Search for a driver/dll module that has a wanted section bigger than the size of your image ☆20 · Aug 14, 2021 · Updated 4 years ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering ☆43 · Jun 10, 2025 · Updated 9 months ago
- The simplest PE parser, which lists all import and export entries ☆12 · Oct 11, 2018 · Updated 7 years ago
- ☆34 · Apr 11, 2023 · Updated 2 years ago
- Incident Response Collections ☆11 · Jul 24, 2018 · Updated 7 years ago
- GoldenEye: Source on SDK 2007 ☆15 · Aug 7, 2017 · Updated 8 years ago
- Simple tool to perform AStyle formatting in a git repository. ☆15 · Jun 19, 2025 · Updated 9 months ago
- FAUCET is an OpenFlow controller for multi table OpenFlow 1.3 switches, that implements layer 2 switching, VLANs, ACLs, and layer 3 IPv4 … ☆14 · Nov 18, 2019 · Updated 6 years ago
- Zerokit shared code ☆17 · Mar 28, 2019 · Updated 6 years ago
- DUQU MALWARE SOURCE + BINARY + More coming ☆13 · Feb 6, 2023 · Updated 3 years ago
- Test/benchmark of using 32-bit pointers in 64-bit code on Windows. Not an actual ABI, only inspired by Linux's x32 ABI. ☆13 · Jun 7, 2019 · Updated 6 years ago
- A cryptography module for the game Garry's Mod that uses Crypto++. ☆16 · May 29, 2023 · Updated 2 years ago
- Results of a recent FOIA for NIST documents related to the design of Dual EC DRBG. Via EFF and Rep. Grayson's office. See README for deta… ☆24 · Feb 10, 2015 · Updated 11 years ago
- Binary Deobfuscation Series ☆21 · Nov 20, 2019 · Updated 6 years ago
- ntoskrnl .data hooks for UM-KM communication ☆54 · May 26, 2024 · Updated last year
- Display Languages Volatile Environment LPE ☆12 · Jun 28, 2025 · Updated 8 months ago
- ☆131 · Oct 2, 2024 · Updated last year
- An iSCSI demo driver for Windows ☆12 · Sep 21, 2015 · Updated 10 years ago
- ☆27 · Oct 18, 2023 · Updated 2 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book. ☆20 · Jul 31, 2019 · Updated 6 years ago
- Analyze Windows Systems for common and unique vulnerabilities ☆10 · Jul 6, 2022 · Updated 3 years ago
- Windows Research Kernel ☆37 · Sep 22, 2025 · Updated 5 months ago
- Extended library for using direct system calls on Windows ☆17 · Feb 6, 2022 · Updated 4 years ago
- MSDN data annotation for radare2 ☆13 · Jul 2, 2024 · Updated last year