yardenshafir / MitigationFlagsCliTool
Command line tool to print mitigation flags for running processes in a memory dump
☆47 Sep 18, 2020 Updated 5 years ago
Alternatives and similar repositories for MitigationFlagsCliTool
Users that are interested in MitigationFlagsCliTool are comparing it to the libraries listed below
- ☆68 Dec 17, 2020 Updated 5 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/ ☆57 Jun 21, 2020 Updated 5 years ago
- x64 Windows implementation of virtual-address to physical-address translation ☆46 Jun 3, 2021 Updated 4 years ago
- a dumb rpm/wpm example driver ☆15 Jun 7, 2021 Updated 4 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+. ☆149 Mar 2, 2023 Updated 2 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them ☆37 Oct 21, 2020 Updated 5 years ago
- ☆132 Oct 2, 2024 Updated last year
- File system minifilter driver for Windows to block symbolic link attacks. ☆52 Dec 16, 2020 Updated 5 years ago
- Dump of win32k POCs for bugs I've found ☆381 Mar 6, 2022 Updated 3 years ago
- This repository contains some tools that I have written in the past ☆28 Nov 11, 2023 Updated 2 years ago
- Map memory to user space and manipulate user memory, using capmon ☆24 Nov 3, 2018 Updated 7 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET. ☆88 Oct 6, 2020 Updated 5 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing… ☆14 Nov 8, 2020 Updated 5 years ago
- Data and structures regarding the research done on WdFilter ☆12 Apr 15, 2020 Updated 5 years ago
- ☆33 Dec 22, 2020 Updated 5 years ago
- collection of links related to using and improving windbg ☆20 Jun 17, 2018 Updated 7 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique ☆227 Jun 9, 2020 Updated 5 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API ☆26 Apr 24, 2022 Updated 3 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆64 Jun 19, 2019 Updated 6 years ago
- PyKD DLLs for x86 and x64 platforms ☆18 Sep 13, 2023 Updated 2 years ago
- ☆29 Dec 29, 2022 Updated 3 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆110 Apr 24, 2020 Updated 5 years ago
- Hyper-V Research is trendy now ☆179 Jan 23, 2026 Updated 3 weeks ago
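- The cross-platform emulation framework unicorn is based on Qemu's TCG (Tiny Code Generator) mode, which virtualizes a full system without hardware virtualization support and supports CPU instruction emulation across platforms and architectures; this article discusses an experimental project by the author that uses the Windows Hypervisor Platform virtual machine mode… ☆78 Dec 17, 2023 Updated 2 years ago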
- A collection of various vulnerable (mostly physical memory exposing) drivers. ☆444 Jun 15, 2022 Updated 3 years ago
- ☆25 May 21, 2021 Updated 4 years ago
- x86_64, PE32+, FAT32 bootloader ☆27 Jul 4, 2021 Updated 4 years ago
- Different ways to get the HDD Serial ☆39 Apr 7, 2018 Updated 7 years ago
- ☆48 Jul 7, 2020 Updated 5 years ago
- kernel-mode TDI client which can send and receive HTTP requests ☆56 Jun 9, 2018 Updated 7 years ago
- POC for CVE-2021-1699 ☆17 Mar 31, 2021 Updated 4 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap ☆215 Jul 2, 2020 Updated 5 years ago
- Template for a full-featured driver and wrappers over the kernel API ☆114 Aug 28, 2016 Updated 9 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers ☆145 Sep 5, 2020 Updated 5 years ago
- Simple driver to register all available process, thread, image, Registry, and Object callbacks ☆124 Oct 5, 2017 Updated 8 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider ☆197 Dec 6, 2022 Updated 3 years ago
- ☆29 Mar 9, 2024 Updated last year
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process ☆87 May 17, 2023 Updated 2 years ago
- ☆41 Jul 9, 2020 Updated 5 years ago