An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
☆151Mar 2, 2023Updated 3 years ago
Alternatives and similar repositories for PoolViewer
Users that are interested in PoolViewer are comparing it to the libraries listed below
Sorting:
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆260Sep 1, 2022Updated 3 years ago
- ☆12Aug 31, 2022Updated 3 years ago
- ☆166Sep 18, 2021Updated 4 years ago
- PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap☆214Jul 2, 2020Updated 5 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆332Mar 26, 2024Updated last year
- ☆17Oct 31, 2022Updated 3 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Apr 4, 2020Updated 5 years ago
- Useful scripts for WinDbg using the debugger data model☆429Mar 27, 2024Updated last year
- ☆41Jul 9, 2020Updated 5 years ago
- HackSysExtremeVulnerableDriver exploits for latest Windows 10 version☆26Jan 13, 2026Updated 2 months ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆635Jul 7, 2017Updated 8 years ago
- windbg plugin for win32k debugging☆75Oct 14, 2019Updated 6 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆488May 18, 2021Updated 4 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆47Sep 18, 2020Updated 5 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆38Oct 21, 2020Updated 5 years ago
- ☆271Jul 10, 2023Updated 2 years ago
- Dump of win32k POCs for bugs I've found☆380Mar 6, 2022Updated 4 years ago
- Resolve DOS MZ executable symbols at runtime☆96Nov 12, 2021Updated 4 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆50Jan 15, 2021Updated 5 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆58Jun 21, 2020Updated 5 years ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- Toy scripts for playing with WinDbg JS API☆243Jul 8, 2024Updated last year
- A Windows kernel dump C++ parser library with Python 3 bindings.☆213Oct 5, 2025Updated 5 months ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆58Sep 12, 2019Updated 6 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers☆145Sep 5, 2020Updated 5 years ago
- VMX intrinsics plugin for Hex-Rays decompiler☆74Oct 28, 2019Updated 6 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆250Jul 5, 2022Updated 3 years ago
- PoC demonstrating the use of cve-2020-1034 for privilege escalation☆126Mar 16, 2021Updated 5 years ago
- kernel pool windbg extension☆83Jul 23, 2015Updated 10 years ago
- ☆151Jan 7, 2020Updated 6 years ago
- Exploring Windows Internals.☆64Aug 18, 2020Updated 5 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Toolkit for Hyper-V security research☆158Mar 7, 2022Updated 4 years ago
- Snapshot-based coverage-guided windows kernel fuzzer☆325Dec 16, 2021Updated 4 years ago
- The history of Windows Internals via symbols.☆181Nov 4, 2021Updated 4 years ago
- Simple library to spray the Windows Kernel Pool☆110Jan 6, 2020Updated 6 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆49Jun 3, 2021Updated 4 years ago
- elgoog/searchme challenge from 34C3 CTF / WCTF 2018: sources & exploit☆68Jul 9, 2018Updated 7 years ago