zodiacon / ALPCLoggerLinks
Log ALPC activity
☆84Updated last year
Alternatives and similar repositories for ALPCLogger
Users that are interested in ALPCLogger are comparing it to the libraries listed below
Sorting:
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆145Updated 6 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆52Updated 4 years ago
- Run any executable as SYSTEM account (no service required)☆136Updated last year
- Process Doppelgänging☆161Updated 7 years ago
- Windows RPC Python fuzzer☆163Updated 7 years ago
- windbg plugin for win32k debugging☆75Updated 5 years ago
- Advance LPC☆70Updated 8 years ago
- kernel pool windbg extension☆84Updated 10 years ago
- Idapython script to carve binary for internal RPC structures☆238Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆68Updated 5 years ago
- awesome-windows-security-development☆172Updated 7 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆101Updated 7 months ago
- A command tree based on commands and extensions for Windows Kernel Debugging.☆109Updated 5 years ago
- Command like tool to print mitigation flags for running processes in a memory dump☆47Updated 4 years ago
- 0CCh Windbg extension: include some useful commands☆113Updated 2 years ago
- Helper idapython code for reversing kmdf drivers☆74Updated 3 years ago
- Hyper-V Research is trendy now☆182Updated last year
- Explore Job Objects on a Windows system☆83Updated 5 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆231Updated 5 years ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆204Updated last year
- Simple 32/64-bit PEs loader.☆139Updated 6 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆75Updated last year
- Reverse engineered source code of the autochk rootkit☆205Updated 5 years ago
- This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…☆101Updated 2 years ago
- View handles and object for each object type☆64Updated 5 years ago
- ☆120Updated 4 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- Elevation of privilege detector based on HyperPlatform☆122Updated 8 years ago
- ☆27Updated 7 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆195Updated 5 years ago