yardenshafir / WinDbg_Scripts

Related projects ⓘ

Alternatives and complementary repositories for WinDbg_Scripts

• repnz / windbg-cheat-sheet
  My personal cheat sheet for using WinDbg for kernel debugging
  ☆388Updated last month
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆328Updated 3 weeks ago
• airbus-cert / ttddbg
  Time Travel Debugging IDA plugin
  ☆553Updated 4 months ago
• hugsy / windbg_js_scripts
  Toy scripts for playing with WinDbg JS API
  ☆220Updated 4 months ago
• ElliotKillick / windows-vs-linux-loader-architecture
  Side-by-side comparison of the Windows and Linux (GNU) Loaders
  ☆290Updated 2 months ago
• 0vercl0k / windbg-scripts
  A bunch of JavaScript extensions for WinDbg.
  ☆320Updated 3 years ago
• LordNoteworthy / windows-internals
  My notes while studying Windows internals
  ☆400Updated this week
• zodiacon / EtwExplorer
  View ETW Provider manifest
  ☆433Updated 3 weeks ago
• trailofbits / RpcInvestigator
  Exploring RPC interfaces on Windows
  ☆284Updated 9 months ago
• gerhart01 / Hyper-V-Internals
  Internals information about Hyper-V
  ☆661Updated 2 months ago
• Cr4sh / KernelForge
  A library to develop kernel level Windows payloads for post HVCI era
  ☆366Updated 3 years ago
• hugsy / CFB
  Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
  ☆310Updated 7 months ago
• yardenshafir / PoolViewer
  An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
  ☆124Updated last year
• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆148Updated 10 months ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆565Updated last year
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆180Updated 3 weeks ago
• zodiacon / windowskernelprogrammingbook2e
  Samples for the book Windows Kernel Programming, 2nd edition
  ☆294Updated this week
• TimMisiak / WinDbgCookbook
  This is a repo for small, useful scripts and extensions
  ☆241Updated last year
• commial / experiments
  Expriments
  ☆444Updated last month
• anhkgg / awesome-windbg-extensions
  awesome windbg extensions
  ☆314Updated 5 years ago
• commial / ttd-bindings
  Bindings for Microsoft WinDBG TTD
  ☆213Updated last year
• horsicq / xntsv
  XNTSV program for detailed viewing of system structures for Windows.
  ☆446Updated this week
• hfiref0x / WDExtract
  Extract Windows Defender database from vdm files and unpack it
  ☆425Updated 4 years ago
• OALabs / hashdb-ida
  HashDB API hash lookup plugin for IDA Pro
  ☆296Updated last month
• csandker / InterProcessCommunication-Samples
  Some Code Samples for Windows based Inter-Process-Communication (IPC)
  ☆161Updated 8 months ago
• hugsy / defcon_27_windbg_workshop
  DEFCON 27 workshop - Modern Debugging with WinDbg Preview
  ☆709Updated 3 weeks ago
• sam-b / windows_kernel_address_leaks
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆581Updated 7 years ago
• ionescu007 / clfs-docs
  Unofficial Common Log File System (CLFS) Documentation
  ☆164Updated 3 years ago
• 0xcpu / ExecutiveCallbackObjects
  Research on Windows Kernel Executive Callback Objects
  ☆278Updated 4 years ago
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆343Updated 3 weeks ago