zodiacon / WFPExplorer
Windows Filtering Platform Explorer
☆262 · Updated 4 months ago
Alternatives and similar repositories for WFPExplorer
Users that are interested in WFPExplorer are comparing it to the libraries listed below
- Explore Kernel Objects on Windows ☆216 · Updated last month
- Samples for the book Windows Kernel Programming, 2nd edition ☆337 · Updated 5 months ago
- PE Viewer ☆181 · Updated 4 months ago
- Document ETW providers ☆234 · Updated 5 years ago
- This tiny project prevents the signtool from verifying cert time validity and lets you sign your bin with outdated cert without changing sy… ☆231 · Updated 6 years ago
- Authenticode Hash Calculator for PE32/PE32+ files ☆111 · Updated last year
- open source process monitor ☆274 · Updated last month
- DSE bypass using a leaked cert and adjusting the current clock. ☆153 · Updated 2 years ago
- Process Monitor X v2 ☆613 · Updated last year
- Controlling Windows PP(L)s ☆326 · Updated last year
- View ETW Provider manifest ☆489 · Updated 7 months ago
- Collection of undocumented Windows API declarations. ☆314 · Updated this week
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions ☆299 · Updated last year
- Run the program with the specified permission level (C++20 required) ☆344 · Updated 3 months ago
- Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers ☆257 · Updated last week
- A tabbed UI for Microsoft's Hyper-V ☆217 · Updated 9 months ago
- System call hook for Windows 10 20H1 ☆493 · Updated 3 years ago
- MemoryModule which is compatible with Win32 API and supports exception handling ☆402 · Updated 3 months ago
- RPC Monitor tool based on Event Tracing for Windows ☆356 · Updated 9 months ago
- A collection of various vulnerable (mostly physical memory exposing) drivers. ☆387 · Updated 2 years ago
- ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detecti… ☆302 · Updated last year
- ☆165 · Updated 8 months ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM). ☆245 · Updated 4 months ago
- A DTrace on Windows Reimplementation ☆348 · Updated 3 months ago
- Run Processes as PPL with ELAM ☆163 · Updated 3 years ago
- Single header version of System Informer's phnt library. ☆221 · Updated last week
- Windows Anti-Rootkit Tool ☆502 · Updated 2 months ago
- DLL that hooks the NtQuerySystemInformation API and hides a process name ☆288 · Updated 2 years ago
- A global injection and hooking example ☆141 · Updated last year
- Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi… ☆734 · Updated 5 years ago