yardenshafir / CallbackObjectAnalyzer
Dumps information about all the callback objects found in a dump file and the functions registered for them
☆34Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for CallbackObjectAnalyzer
- Blog posts☆30Updated 4 years ago
- ☆20Updated 3 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆44Updated 4 years ago
- ☆17Updated 3 years ago
- Data and structures regarding the research done on WdFilter☆13Updated 4 years ago
- ☆32Updated 3 years ago
- ☆31Updated 4 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆36Updated 3 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆50Updated 2 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- Local OXID Resolver (LCLOR) : Research and Tooling☆33Updated 3 years ago
- A ready-made template for a project based on libpeconv.☆41Updated last month
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆59Updated 8 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆30Updated 4 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume.☆31Updated 4 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆36Updated last year
- Example for PagedOut!☆24Updated 5 years ago
- Windows x64 Process Scanner to detect application compatability shims☆36Updated 6 years ago
- ☆33Updated 7 years ago
- ☆22Updated 4 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆26Updated 7 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Headers for linking your software with ntdll.dll☆15Updated 4 years ago