yardenshafir/cet-research external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

yardenshafir/cet-research

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/yardenshafir/cet-research)

Close

yardenshafir / cet-researchView on GitHubMore

• External links
• Readme badge

A collection of tools, source code, and papers researching Windows' implementation of CET.

☆90Oct 6, 2020Updated 5 years ago

Alternatives and similar repositories for cet-research

Users that are interested in cet-research are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• gabriellandau / CISpotter

  View on GitHub
  Code Integrity Violation Spotter
  ☆17Jun 11, 2024Updated last year
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆125Jan 26, 2023Updated 3 years ago
• jdu2600 / CFG-FindHiddenShellcode

  View on GitHub
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆134May 17, 2023Updated 2 years ago
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆222Apr 9, 2021Updated 4 years ago
• namazso / msvcrt.lib

  View on GitHub
  .lib file for linking against the NT CRT
  ☆19Mar 18, 2022Updated 4 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• 0xcpu / exthost

  View on GitHub
  A POC for Windows Extension Host hooking
  ☆24Jul 13, 2019Updated 6 years ago
• Colton1skees / WinTTD

  View on GitHub
  Reverse engineered API for Microsoft's Time Travel Debugger
  ☆36Apr 18, 2024Updated last year
• ioncodes / rapid-kdbg-hyperv

  View on GitHub
  ☆15Mar 13, 2023Updated 3 years ago
• gmh5225 / warbird-example

  View on GitHub
  ☆24Jul 15, 2023Updated 2 years ago
• repnz / apc-research

  View on GitHub
  APC Internals Research Code
  ☆169Jun 28, 2020Updated 5 years ago
• GB102 / VirtualEXploiter

  View on GitHub
  VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan…
  ☆24Mar 16, 2025Updated last year
• yardenshafir / MitigationFlagsCliTool

  View on GitHub
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆47Sep 18, 2020Updated 5 years ago
• yardenshafir / IoRingReadWritePrimitive

  View on GitHub
  Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
  ☆250Jul 5, 2022Updated 3 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆270Aug 31, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• waleedassar / RestrictedKernelLeaks

  View on GitHub
  ☆166Sep 18, 2021Updated 4 years ago
• 0ffffffffh / system_call_hook_win10_1903

  View on GitHub
  This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness
  ☆58Sep 12, 2019Updated 6 years ago
• jxy-s / vfdynf

  View on GitHub
  Application Verifier Dynamic Fault Injection
  ☆41Jan 12, 2026Updated 2 months ago
• honorarybot / WinDbgSettings

  View on GitHub
  WinDbg workplace settings that I use for debugging
  ☆17Aug 3, 2017Updated 8 years ago
• elastic / PPLGuard

  View on GitHub
  ☆70Feb 6, 2025Updated last year
• pathtofile / SealighterTI

  View on GitHub
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆198Dec 6, 2022Updated 3 years ago
• ionescu007 / winipt

  View on GitHub
  The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by W…
  ☆407Apr 27, 2023Updated 2 years ago
• mandiant / STrace

  View on GitHub
  A DTrace on Windows Reimplementation
  ☆374Mar 12, 2026Updated 2 weeks ago
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆241Nov 6, 2019Updated 6 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• can1357 / NtLua

  View on GitHub
  Lua in kernel-mode because why not.
  ☆367Dec 3, 2021Updated 4 years ago
• NoMercy-ac / SystemHealthCheck

  View on GitHub
  Windows system repair tool
  ☆18Jun 2, 2021Updated 4 years ago
• tandasat / ia32-doc

  View on GitHub
  IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
  ☆18Apr 16, 2022Updated 3 years ago
• yardenshafir / KernelDataStructureFinder

  View on GitHub
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆66Apr 4, 2020Updated 5 years ago
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆16Mar 24, 2022Updated 4 years ago
• zodiacon / DbgPrint

  View on GitHub
  Debug Print viewer (user and kernel)
  ☆72Feb 7, 2024Updated 2 years ago
• LLVMParty / UnsupportedInstructionsLiftingToLLVM

  View on GitHub
  Using Zydis and LLVM to lift unsupported instructions to LLVM-IR
  ☆30Jul 30, 2021Updated 4 years ago
• Zero-Tang / SimpleWhpDemo

  View on GitHub
  Simple Demo of using Windows Hypervisor Platform
  ☆29Jul 14, 2025Updated 8 months ago
• lowleveldesign / comon

  View on GitHub
  A WinDbg extension to trace COM interactions
  ☆131Aug 14, 2025Updated 7 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• zodiacon / BITSManager

  View on GitHub
  BITS Transfers Manager
  ☆46May 18, 2025Updated 10 months ago
• AaLl86 / WindowsInternals

  View on GitHub
  Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book
  ☆119Jun 30, 2024Updated last year
• kyREcon / IsKernelDebuggerPresent

  View on GitHub
  Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …
  ☆25Sep 18, 2017Updated 8 years ago
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆663Jan 28, 2025Updated last year
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆491May 18, 2021Updated 4 years ago
• secrary / Hooking-via-InstrumentationCallback

  View on GitHub
  codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
  ☆182Nov 30, 2017Updated 8 years ago
• shareef12 / libpdb

  View on GitHub
  Parser for Microsoft Program Database (PDB) files
  ☆78Jun 8, 2020Updated 5 years ago