zodiacon / TotalPE2

Related projects: ⓘ

• zodiacon / TotalPE
  Yet another PE Viewer
  ☆137Updated last year
• zodiacon / ObjectExplorer
  Explore Kernel Objects on Windows
  ☆192Updated 7 months ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆194Updated 2 years ago
• mrexodia / AppInitHook
  Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr…
  ☆156Updated 2 years ago
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆128Updated 5 years ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆251Updated 2 years ago
• m417z / Multiline-Ultimate-Assembler
  A multiline (and ultimate) assembler (and disassembler) plugin for x64dbg and OllyDbg. A perfect tool for modifying and extending a compi…
  ☆109Updated 2 years ago
• mrexodia / phnt-single-header
  Single header version of System Informer's phnt library.
  ☆172Updated 3 months ago
• m417z / global-inject-demo
  A global injection and hooking example
  ☆119Updated 10 months ago
• hfiref0x / AuthHashCalc
  Authenticode Hash Calculator for PE32/PE32+ files
  ☆104Updated 6 months ago
• HoShiMin / formatPE
  A bunch of parsers for PE and PDB formats in C++
  ☆220Updated 4 months ago
• m417z / winapiexec
  A small tool that allows to run WinAPI functions through command line parameters
  ☆176Updated last year
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆229Updated 2 years ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆88Updated 4 years ago
• diversenok / Suspending-Techniques
  Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
  ☆109Updated 2 years ago
• kkent030315 / anycall
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆214Updated 2 years ago
• zodiacon / PoolMonXv2
  Kernel Pool Monitor
  ☆118Updated 2 years ago
• Ido-Moshe-Github / CiDllDemo
  Use ci.dll API for validating Authenticode signature of files
  ☆124Updated 2 years ago
• csandker / InterProcessCommunication-Samples
  Some Code Samples for Windows based Inter-Process-Communication (IPC)
  ☆153Updated 6 months ago
• ajkhoury / ApiSet
  API Set resolver for Windows
  ☆114Updated last week
• notscimmy / pplib
  Elevate a process to be a protected process
  ☆140Updated 5 years ago
• m417z / ntdoc
  Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
  ☆142Updated this week
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆84Updated 8 years ago
• repnz / apc-research
  APC Internals Research Code
  ☆155Updated 4 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 2 years ago
• 0xeb / WinTools
  A collection of free miscellaneous Windows tools
  ☆118Updated 3 weeks ago
• VollRagm / PTView
  Browse Page Tables on Windows (Page Table Viewer)
  ☆178Updated 2 years ago
• zodiacon / DbgPrint
  Debug Print viewer (user and kernel)
  ☆63Updated 7 months ago
• dbgsymbol / getsymbol
  ☆186Updated this week
• utoni / PastDSE
  DSE bypass using a leaked cert and adjusting the current clock.
  ☆133Updated 2 years ago