zodiacon / AllTools

Related projects: ⓘ

• hfiref0x / WinObjEx64
  Windows Object Explorer 64-bit
  ☆1,619Updated 2 months ago
• zodiacon / SystemExplorer
  Windows System Explorer
  ☆828Updated 3 months ago
• winsiderss / phnt
  Native API header files for the System Informer project.
  ☆1,009Updated last week
• ExpLife0011 / awesome-windows-kernel-security-development
  windows kernel security development
  ☆1,941Updated 2 years ago
• hasherezade / tiny_tracer
  A Pin Tool for tracing API calls etc
  ☆1,268Updated 3 weeks ago
• zodiacon / ProcMonXv2
  Process Monitor X v2
  ☆578Updated 7 months ago
• hasherezade / pe-bear-releases
  PE-bear (builds only)
  ☆765Updated last year
• odzhan / injection
  Windows process injection methods
  ☆122Updated last year
• j00ru / windows-syscalls
  Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
  ☆2,116Updated last month
• silverf0x / RpcView
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆905Updated 11 months ago
• zodiacon / windowskernelprogrammingbook
  The Windows Kernel Programming book samples
  ☆589Updated 11 months ago
• hasherezade / pe-sieve
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,034Updated last week
• horsicq / XPEViewer
  PE file viewer/editor for Windows, Linux and MacOS.
  ☆967Updated this week
• JKornev / hidden
  🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
  ☆1,764Updated 2 years ago
• hasherezade / libpeconv
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,082Updated last week
• hfiref0x / SyscallTables
  Windows NT Syscall tables
  ☆1,122Updated last month
• AxtMueller / Windows-Kernel-Explorer
  A free but powerful Windows kernel research tool.
  ☆2,380Updated 3 months ago
• m417z / winbindex
  An index of Windows binaries, including download links for executables such as exe, dll and sys files
  ☆572Updated this week
• petoolse / petools
  PE Tools - Portable executable (PE) manipulation toolkit
  ☆1,018Updated 6 years ago
• microsoft / WinDbg-Samples
  Sample extensions, scripts, and API uses for WinDbg.
  ☆708Updated last month
• mrexodia / TitanHide
  Hiding kernel-driver for x86/x64.
  ☆2,081Updated 8 months ago
• zodiacon / EtwExplorer
  View ETW Provider manifest
  ☆413Updated 7 months ago
• 4d61726b / VirtualKD-Redux
  VirtualKD-Redux - A revival and modernization of VirtualKD
  ☆807Updated 2 months ago
• Mattiwatti / PPLKiller
  Protected Processes Light Killer
  ☆875Updated last year
• wbenny / injdrv
  proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
  ☆1,096Updated 4 months ago
• googleprojectzero / sandbox-attacksurface-analysis-tools
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,048Updated 3 weeks ago
• zodiacon / Win10SysProgBookSamples
  Windows 10 System Programming book samples
  ☆407Updated 3 months ago
• fr0gger / awesome-ida-x64-olly-plugin
  A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
  ☆1,242Updated 3 months ago
• x64dbg / ScyllaHide
  Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
  ☆3,400Updated 3 months ago
• HoShiMin / Kernel-Bridge
  Windows kernel hacking framework, driver template, hypervisor and API written on C++
  ☆1,653Updated 10 months ago