ykfre / BsodSurvivor
This project aims to facilitate debugging a kernel driver in Windows by adding support for a code change on the fly without reboot/unload, and more!
☆172 Updated last year
Alternatives and similar repositories for BsodSurvivor:
Users that are interested in BsodSurvivor are comparing it to the libraries listed below
- ☆125 Updated 5 months ago
- C++ Exceptions in Windows Drivers ☆204 Updated 4 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆209 Updated 5 years ago
- API monitoring via return-hijacking thunks; works without information about target function prototypes. ☆115 Updated 4 years ago
- Browse Page Tables on Windows (Page Table Viewer) ☆195 Updated 2 years ago
- Advanced driver monitoring utility. ☆206 Updated 2 years ago
- Translates WinDbg "dt" structure dump to a C structure ☆128 Updated 8 years ago
- Header only wrapper around Hex-Rays API in C++20. ☆154 Updated 2 months ago
- Resolve DOS MZ executable symbols at runtime ☆96 Updated 3 years ago
- ☆139 Updated 4 years ago
- Tool to dump UEFI runtime drivers implementing runtime services for Windows ☆96 Updated 4 years ago
- Research on Windows Kernel Executive Callback Objects ☆284 Updated 5 years ago
- An application to view and filter pool allocations from a dmp file on Windows 10 RS5+. ☆136 Updated 2 years ago
- Lightweight type-1 hypervisor offering a foundation for building advanced security-focused functionality. ☆258 Updated 2 months ago
- APC Internals Research Code ☆162 Updated 4 years ago
- A library to develop kernel level Windows payloads for post HVCI era ☆392 Updated 3 years ago
- A native hypervisor designed for the Windows operating system ☆122 Updated 4 years ago
- A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings. ☆200 Updated 3 months ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆139 Updated 6 years ago
- Documenting system information classes and their uses ☆50 Updated 3 years ago
- IDA Pro plugin to make bitfield accesses easier to grep ☆231 Updated 3 weeks ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆244 Updated 2 years ago
- A ProcMon-esque tool for monitoring Windows Kernel Drivers ☆57 Updated 3 years ago
- A DTrace on Windows Reimplementation ☆340 Updated last month
- An example of a client and server using Windows' ALPC functions to send and receive data. ☆94 Updated last month
- usermode standalone kernel interface ☆111 Updated 6 years ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it ☆149 Updated 2 years ago
- Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr… ☆167 Updated 3 years ago
- Call arbitrary Windows kernel-mode functions from Python on another machine ☆44 Updated 3 years ago
- This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum… ☆193 Updated last month