zodiacon / WFPExplorer
Windows Filtering Platform Explorer
☆200Updated last month
Related projects: ⓘ
- Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers☆142Updated this week
- PE Viewer☆143Updated 2 months ago
- Run the program with the specified permission level (C++20 required)☆319Updated 3 weeks ago
- Document ETW providers☆200Updated 4 years ago
- Samples for the book Windows Kernel Programming, 2nd edition☆283Updated last month
- Explore Kernel Objects on Windows☆192Updated 7 months ago
- open source process monitor☆249Updated 9 months ago
- DSE bypass using a leaked cert and adjusting the current clock.☆133Updated 2 years ago
- Collection of undocumented Windows API declarations.☆283Updated 3 weeks ago
- Process Monitor X v2☆578Updated 7 months ago
- Authenticode Hash Calculator for PE32/PE32+ files☆104Updated 6 months ago
- A small tool that allows to run WinAPI functions through command line parameters☆176Updated last year
- Controlling Windows PP(L)s☆256Updated last year
- RPC Monitor tool based on Event Tracing for Windows☆324Updated last month
- A DTrace on Windows Reimplementation☆317Updated last month
- View ETW Provider manifest☆413Updated 7 months ago
- Yet another PE Viewer☆137Updated last year
- ☆144Updated 3 weeks ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆251Updated 2 years ago
- A global injection and hooking example☆119Updated 11 months ago
- Source code for File Test - Interactive File System Test Tool☆255Updated 3 months ago
- Useful scripts for WinDbg using the debugger data model☆383Updated 5 months ago
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆153Updated 6 months ago
- MemoryModule which compatible with Win32 API and support exception handling☆342Updated 2 months ago
- A tabbed UI for Microsoft's Hyper-V☆198Updated last month
- This tiny project prevents the signtool from verifing cert time validity and let you sign your bin with outdated cert without changing sy…☆223Updated 5 years ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆261Updated 4 months ago
- Windows Anti-Rootkit Tool☆435Updated last month
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆353Updated last year
- C++ STL in the Windows Kernel with C++ Exception Support☆384Updated last year