yardenshafir / WinDbg_ScriptsLinks
Useful scripts for WinDbg using the debugger data model
☆414Updated last year
Alternatives and similar repositories for WinDbg_Scripts
Users that are interested in WinDbg_Scripts are comparing it to the libraries listed below
Sorting:
- My personal cheat sheet for using WinDbg for kernel debugging☆424Updated 2 months ago
- A bunch of JavaScript extensions for WinDbg.☆343Updated 6 months ago
- Toy scripts for playing with WinDbg JS API☆232Updated 11 months ago
- A DTrace on Windows Reimplementation☆348Updated 4 months ago
- Time Travel Debugging IDA plugin☆587Updated 11 months ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆139Updated 2 years ago
- Extract Windows Defender database from vdm files and unpack it☆443Updated last week
- Expriments☆463Updated 8 months ago
- Exploring RPC interfaces on Windows☆322Updated last year
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆152Updated last year
- This is a repo for small, useful scripts and extensions☆250Updated 2 years ago
- View ETW Provider manifest☆498Updated 7 months ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- Internals information about Hyper-V☆695Updated this week
- My notes while studying Windows internals☆431Updated 6 months ago
- Samples for the book Windows Kernel Programming, 2nd edition☆341Updated 6 months ago
- Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.☆322Updated last year
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …☆345Updated this week
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆726Updated 7 months ago
- Bindings for Microsoft WinDBG TTD☆225Updated last year
- Examples of leaking Kernel Mode information from User Mode on Windows☆605Updated 7 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆566Updated 2 years ago
- Quickly debug shellcode extracted during malware analysis☆604Updated 2 years ago
- Research on Windows Kernel Executive Callback Objects☆288Updated 5 years ago
- Operating System Design Review: A systemic analysis of modern systems architecture☆314Updated 4 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆983Updated last year
- Sysmon-Like research tool for ETW☆354Updated 2 years ago
- A library to develop kernel level Windows payloads for post HVCI era☆411Updated 4 years ago
- Source code for File Test - Interactive File System Test Tool☆286Updated 2 months ago
- Advanced driver monitoring utility.☆212Updated 2 years ago