Windows Filtering Platform Explorer
☆330Aug 28, 2025Updated 6 months ago
Alternatives and similar repositories for WFPExplorer
Users that are interested in WFPExplorer are comparing it to the libraries listed below
Sorting:
- Process Monitor X v2☆648Jan 22, 2024Updated 2 years ago
- ☆27Jul 13, 2025Updated 7 months ago
- View Windows System in action☆45Aug 3, 2025Updated 6 months ago
- Debug Print viewer (user and kernel)☆72Feb 7, 2024Updated 2 years ago
- Explore Kernel Objects on Windows☆243Apr 4, 2025Updated 10 months ago
- Code to make it easier to write an NDIS network driver on Windows☆93Oct 1, 2023Updated 2 years ago
- PE Viewer☆210Jan 24, 2026Updated last month
- All reasonably stable tools☆1,395Jan 3, 2026Updated last month
- Enhanced version of the classic Spy++ tool☆223Updated this week
- INF Studio for easier working with driver installation files☆39Nov 11, 2023Updated 2 years ago
- Sysmon-Like research tool for ETW☆384Nov 15, 2022Updated 3 years ago
- Remote Thread Detection with a Kernel Driver☆34Jan 14, 2025Updated last year
- Windows Object Explorer 64-bit☆1,886Feb 10, 2026Updated 2 weeks ago
- View ETW Provider manifest☆574Nov 1, 2024Updated last year
- ☆181Apr 24, 2025Updated 10 months ago
- Work with eBPF on Windows☆44Feb 26, 2025Updated last year
- Samples for the book Windows Kernel Programming, 2nd edition☆373Aug 2, 2025Updated 7 months ago
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆209Feb 29, 2024Updated 2 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆318Oct 13, 2024Updated last year
- Windows System Explorer☆878Nov 29, 2025Updated 3 months ago
- BITS Transfers Manager☆46May 18, 2025Updated 9 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆1,042Sep 24, 2023Updated 2 years ago
- RPC Monitor tool based on Event Tracing for Windows☆384Aug 19, 2024Updated last year
- Sample for Creating a new kernel object type and supporting API☆27Sep 7, 2024Updated last year
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆299Apr 10, 2021Updated 4 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆242Sep 26, 2023Updated 2 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆77Feb 26, 2022Updated 4 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆133May 17, 2023Updated 2 years ago
- ☆40May 10, 2025Updated 9 months ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆169May 17, 2023Updated 2 years ago
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- Windows Anti-Rootkit Tool☆545Dec 31, 2025Updated 2 months ago
- anti-ransomware file-system filter☆69Sep 3, 2024Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆249Jul 9, 2024Updated last year
- Monitor Kernel pool allocations tags☆77Nov 2, 2023Updated 2 years ago
- An example driver for Windows that shows how to set-up some basic components of the Windows Filtering Platform☆205Jul 6, 2022Updated 3 years ago
- Controlling Windows PP(L)s☆379Jun 9, 2023Updated 2 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆263Apr 29, 2023Updated 2 years ago