yardenshafir / WinDbg_ScriptsLinks
Useful scripts for WinDbg using the debugger data model
☆413Updated last year
Alternatives and similar repositories for WinDbg_Scripts
Users that are interested in WinDbg_Scripts are comparing it to the libraries listed below
Sorting:
- My personal cheat sheet for using WinDbg for kernel debugging☆420Updated last month
- A DTrace on Windows Reimplementation☆348Updated 4 months ago
- A bunch of JavaScript extensions for WinDbg.☆340Updated 6 months ago
- Toy scripts for playing with WinDbg JS API☆228Updated 10 months ago
- Time Travel Debugging IDA plugin☆586Updated 11 months ago
- Expriments☆458Updated 8 months ago
- Bindings for Microsoft WinDBG TTD☆223Updated last year
- Extract Windows Defender database from vdm files and unpack it☆440Updated 5 years ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆723Updated 7 months ago
- Exploring RPC interfaces on Windows☆321Updated last year
- Internals information about Hyper-V☆690Updated last month
- View ETW Provider manifest☆489Updated 7 months ago
- A library to develop kernel level Windows payloads for post HVCI era☆408Updated 4 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.☆139Updated 2 years ago
- awesome windbg extensions☆331Updated 6 years ago
- Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.☆321Updated last year
- XNTSV program for detailed viewing of system structures for Windows.☆461Updated this week
- Static Binary Instrumentation tool for Windows x64 executables☆203Updated last month
- This is a repo for small, useful scripts and extensions☆250Updated 2 years ago
- Operating System Design Review: A systemic analysis of modern systems architecture☆313Updated 3 months ago
- Sysmon-Like research tool for ETW☆353Updated 2 years ago
- Advanced driver monitoring utility.☆210Updated 2 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆563Updated 2 years ago
- My notes while studying Windows internals☆427Updated 5 months ago
- Research on Windows Kernel Executive Callback Objects☆287Updated 5 years ago
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …☆344Updated last month
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆151Updated last year
- Examples of leaking Kernel Mode information from User Mode on Windows☆604Updated 7 years ago
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆175Updated last year
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year