Dumps information about all the callback objects found in a dump file and the functions registered for them
☆38Oct 21, 2020Updated 5 years ago
Alternatives and similar repositories for CallbackObjectAnalyzer
Users that are interested in CallbackObjectAnalyzer are comparing it to the libraries listed below
Sorting:
- ☆20Jul 9, 2019Updated 6 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆47Sep 18, 2020Updated 5 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆151Mar 2, 2023Updated 3 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆77Oct 28, 2021Updated 4 years ago
- Enumerate user mode shared memory mappings on Windows.☆134Feb 14, 2021Updated 5 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- A simple API monitor for Windbg☆65Apr 22, 2017Updated 8 years ago
- A tool for Windows that can make any program work within file-system transactions.☆59Nov 12, 2020Updated 5 years ago
- This is a random process injector, and more injection techniques will be added in the future.☆13Jul 17, 2020Updated 5 years ago
- Experiments involving the Windows Hypervisor Platform☆23Jun 24, 2020Updated 5 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆37Mar 15, 2023Updated 3 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- ☆35Jul 20, 2021Updated 4 years ago
- ☆38Jul 14, 2020Updated 5 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- Position-idependent Windows DLL loader based on ReflectiveDLL project.☆101Nov 5, 2018Updated 7 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆109Apr 24, 2020Updated 5 years ago
- Open Course for diving security internal☆52Nov 11, 2019Updated 6 years ago
- Sysmon shenanigans☆66Oct 9, 2020Updated 5 years ago
- The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303…☆145Mar 29, 2021Updated 4 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- Google Chrome Use After Free☆61May 23, 2022Updated 3 years ago
- 动态加解密shellcode并上线☆24Jul 10, 2021Updated 4 years ago
- NDC Oslo 2019 slides and demos☆33Nov 26, 2020Updated 5 years ago
- Remote memory library in C++17.☆34May 31, 2018Updated 7 years ago
- ☆85Jan 12, 2022Updated 4 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆145Sep 5, 2020Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- API Set resolver for Windows☆143Sep 11, 2024Updated last year
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago
- ☆14Mar 8, 2019Updated 7 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆50Jan 15, 2021Updated 5 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆332Mar 26, 2024Updated last year