Dumps information about all the callback objects found in a dump file and the functions registered for them
☆37Oct 21, 2020Updated 5 years ago
Alternatives and similar repositories for CallbackObjectAnalyzer
Users that are interested in CallbackObjectAnalyzer are comparing it to the libraries listed below
Sorting:
- ☆20Jul 9, 2019Updated 6 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆149Mar 2, 2023Updated 2 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- A REALLY Danger Windows Driver, Turn Any threads Ring0!☆13Aug 11, 2025Updated 6 months ago
- A tool for Windows that can make any program work within file-system transactions.☆59Nov 12, 2020Updated 5 years ago
- This is a random process injector, and more injection techniques will be added in the future.☆13Jul 17, 2020Updated 5 years ago
- Enumerate user mode shared memory mappings on Windows.☆128Feb 14, 2021Updated 5 years ago
- Experiments involving the Windows Hypervisor Platform☆23Jun 24, 2020Updated 5 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆47Sep 18, 2020Updated 5 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- Open Course for diving security internal☆52Nov 11, 2019Updated 6 years ago
- The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303…☆144Mar 29, 2021Updated 4 years ago
- API Set resolver for Windows☆141Sep 11, 2024Updated last year
- ☆85Jan 12, 2022Updated 4 years ago
- ☆14Mar 8, 2019Updated 6 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆110Apr 24, 2020Updated 5 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆145Sep 5, 2020Updated 5 years ago
- A simple API monitor for Windbg☆65Apr 22, 2017Updated 8 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Remote memory library in C++17.☆34May 31, 2018Updated 7 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Position-idependent Windows DLL loader based on ReflectiveDLL project.☆101Nov 5, 2018Updated 7 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- x64 Registration-Free In-Process COM Automation Server.☆51Nov 28, 2022Updated 3 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- ☆21Sep 6, 2018Updated 7 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆333Mar 26, 2024Updated last year
- ☆38Jul 14, 2020Updated 5 years ago
- ☆35Jul 20, 2021Updated 4 years ago
- Google Chrome Use After Free☆61May 23, 2022Updated 3 years ago
- ☆18Apr 4, 2019Updated 6 years ago