A collection of tools, source code, and papers researching Windows' implementation of CET.
☆93 · Oct 6, 2020 · Updated 5 years ago
Alternatives and similar repositories for cet-research
Users that are interested in cet-research are comparing it to the libraries listed below.
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- Finding Truth in the Shadows ☆129 · Jan 26, 2023 · Updated 3 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions ☆134 · May 17, 2023 · Updated 3 years ago
- APC Internals Research Code ☆173 · Jun 28, 2020 · Updated 5 years ago
- Easy Anti PatchGuard ☆221 · Apr 9, 2021 · Updated 5 years ago
- .lib file for linking against the NT CRT ☆19 · Mar 18, 2022 · Updated 4 years ago
- A POC for Windows Extension Host hooking ☆24 · Jul 13, 2019 · Updated 6 years ago
- Reverse engineered API for Microsoft's Time Travel Debugger ☆36 · Apr 18, 2024 · Updated 2 years ago
- ☆14 · Mar 13, 2023 · Updated 3 years ago
- ☆25 · Jul 15, 2023 · Updated 2 years ago
- VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advan… ☆24 · Mar 16, 2025 · Updated last year
- Command line tool to print mitigation flags for running processes in a memory dump ☆48 · Sep 18, 2020 · Updated 5 years ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2 ☆256 · Jul 5, 2022 · Updated 3 years ago
- ☆165 · Sep 18, 2021 · Updated 4 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆272 · Aug 31, 2022 · Updated 3 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using its dynamic trace feature weakness ☆58 · Sep 12, 2019 · Updated 6 years ago
- Application Verifier Dynamic Fault Injection ☆42 · Jan 12, 2026 · Updated 4 months ago
- WinDbg workplace settings that I use for debugging ☆18 · Aug 3, 2017 · Updated 8 years ago
- ☆69 · Feb 6, 2025 · Updated last year
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider ☆203 · Dec 6, 2022 · Updated 3 years ago
- The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by W… ☆409 · Apr 27, 2023 · Updated 3 years ago
- A DTrace on Windows Reimplementation ☆373 · May 6, 2026 · Updated 3 weeks ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆243 · Nov 6, 2019 · Updated 6 years ago
- Lua in kernel-mode because why not. ☆371 · Dec 3, 2021 · Updated 4 years ago
- Windows system repair tool ☆18 · Jun 2, 2021 · Updated 4 years ago
- IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible ☆18 · Apr 16, 2022 · Updated 4 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists ☆66 · Apr 4, 2020 · Updated 6 years ago
- An example code of CiGetCertPublisherName ☆16 · Mar 24, 2022 · Updated 4 years ago
- Debug Print viewer (user and kernel) ☆70 · Feb 7, 2024 · Updated 2 years ago
- Using Zydis and LLVM to lift unsupported instructions to LLVM-IR ☆31 · Jul 30, 2021 · Updated 4 years ago
- Simple Demo of using Windows Hypervisor Platform ☆29 · Jul 14, 2025 · Updated 10 months ago
- A WinDbg extension to trace COM interactions ☆132 · Aug 14, 2025 · Updated 9 months ago
- BITS Transfers Manager ☆46 · May 18, 2025 · Updated last year
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book ☆119 · Jun 30, 2024 · Updated last year
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable … ☆25 · Sep 18, 2017 · Updated 8 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. ☆670 · Jan 28, 2025 · Updated last year
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/ ☆183 · Nov 30, 2017 · Updated 8 years ago
- Parser for Microsoft Program Database (PDB) files ☆77 · Jun 8, 2020 · Updated 5 years ago
- A library to develop kernel level Windows payloads for post HVCI era ☆508 · May 18, 2021 · Updated 5 years ago