xuyun018 / LPC-Local-Procedure-Call-Links
LPC (Local Procedure Call) is a part of the Windows NT kernel, used for fast communication between threads or processes. It can also be used for communication between kernel-mode and user-mode components (e.g. between a driver and a user application). This article contains a description and an example of how to use LPC communication.
☆15 Updated 4 years ago
Alternatives and similar repositories for LPC-Local-Procedure-Call-
Users that are interested in LPC-Local-Procedure-Call- are comparing it to the libraries listed below
- PDB Explorer is a tool for viewing Microsoft pdb files (Program DataBase). It displays the definitions of the struct, union and enum types in a pdb file in C/C++ syntax, and is especially suited to Windows low-level researchers and DDK … ☆38 Updated 10 years ago
- Inject dll to process in driver ☆10 Updated last year
- Windows Server 2K3 NT 5 ☆12 Updated 4 years ago
- A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a… ☆32 Updated 9 years ago
- Driver Loader/BE Bypass/Win Malware(lol) ☆36 Updated 6 years ago
- The kernel mode Standard Template Library Template ☆19 Updated 5 years ago
- Interprocess communication library, providing the ability to call functions from each other ☆20 Updated 6 years ago
- A driver that supports communication between a Windows guest and HyperWin ☆15 Updated 5 years ago
- x64 assembler library ☆31 Updated last year
- A simple example how to decrypt kernel debugger data block ☆31 Updated 4 years ago
- ETW Tracing C++ project ☆16 Updated 5 years ago
- Pipe monitor, something like spyxx, generally used to monitor a target process's system calls. Keywords: detours+piep ☆23 Updated 11 years ago
- Some eternal WIP stuff :) ☆20 Updated 2 months ago
- ☆14 Updated 6 years ago
- XDK is a fully featured C++ wrapper library for Windows kernel development ☆21 Updated 9 years ago
- Secondary development based on debughelp ☆11 Updated 2 years ago
- Windows Console Monitor ☆34 Updated 6 years ago
- A stack and register based virtual machine which can compile and execute arbitrary code in runtime ☆45 Updated 10 months ago
- ☆39 Updated 5 years ago
- SV-Assistant ☆21 Updated last year
- Windows ndiscap.sys adapter for WinPcap applications ☆27 Updated 9 years ago
- ☆10 Updated 6 years ago
- ☆14 Updated 4 years ago
- Very tiny and selective implementation of STL for Windows NT kernel mode drivers ☆18 Updated 4 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable … ☆23 Updated 8 years ago
- Some crazy PE executables protection kernel driver ☆20 Updated 5 years ago
- x64 Kernel Hooks Detection ☆24 Updated 9 years ago
- windows LPC library ☆43 Updated 12 years ago
- Sysark, short for system anti-rootkit, is a tool I wrote while learning kernel development (code from 2013, no further updates planned); essentially all of its functionality is implemented in the kernel. It implements only part of the anti-rootkit functionality; as a tool I feel it is still incomplete, but for learning purposes someone may find it useful. It currently targets XP SP2,… ☆27 Updated 8 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it ☆29 Updated 8 years ago