Windows 10 System Programming book samples
☆449Oct 19, 2025Updated 4 months ago
Alternatives and similar repositories for Win10SysProgBookSamples
Users that are interested in Win10SysProgBookSamples are comparing it to the libraries listed below
Sorting:
- The Windows Kernel Programming book samples☆666Sep 25, 2023Updated 2 years ago
- Windows System Explorer☆878Nov 29, 2025Updated 3 months ago
- Samples for the book Windows Kernel Programming, 2nd edition☆373Aug 2, 2025Updated 6 months ago
- Process Monitor X v2☆648Jan 22, 2024Updated 2 years ago
- All reasonably stable tools☆1,395Jan 3, 2026Updated last month
- Windows Object Explorer 64-bit☆1,886Feb 10, 2026Updated 2 weeks ago
- Native API header files for the System Informer project.☆1,347May 25, 2025Updated 9 months ago
- Windows Internals Book 7th edition Tools☆2,682Apr 11, 2024Updated last year
- Sample extensions, scripts, and API uses for WinDbg.☆812Dec 27, 2025Updated 2 months ago
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- My personal cheat sheet for using WinDbg for kernel debugging☆453Apr 17, 2025Updated 10 months ago
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,278Feb 14, 2026Updated 2 weeks ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆541Sep 2, 2022Updated 3 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,270May 1, 2024Updated last year
- Windows kernel hacking framework, driver template, hypervisor and API written on C++☆1,802Nov 12, 2023Updated 2 years ago
- Windows NT Syscall tables☆1,388Dec 31, 2025Updated 2 months ago
- Windows NT x64 syscall fuzzer☆634Feb 19, 2026Updated last week
- Demo from the Malware Analysis and Development Webinar☆25Apr 17, 2024Updated last year
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,330Oct 31, 2025Updated 4 months ago
- Sysmon-Like research tool for ETW☆384Nov 15, 2022Updated 3 years ago
- ☆58Updated this week
- APC Internals Research Code☆169Jun 28, 2020Updated 5 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆318Oct 13, 2024Updated last year
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- PE Viewer☆210Jan 24, 2026Updated last month
- Monitor activity of any driver☆353Nov 2, 2020Updated 5 years ago
- windows kernel security development☆2,057Sep 6, 2022Updated 3 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆333Mar 26, 2024Updated last year
- ☆125May 23, 2020Updated 5 years ago
- C++ Exceptions in Windows Drivers☆221Dec 21, 2020Updated 5 years ago
- Windows PDB parser for kernel-mode environment.☆107Jun 7, 2025Updated 8 months ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume☆110Apr 24, 2020Updated 5 years ago
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆762Apr 24, 2025Updated 10 months ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆902Nov 21, 2019Updated 6 years ago
- Rendering on external windows via hijacking thread contexts☆404Jun 28, 2020Updated 5 years ago
- Advanced driver monitoring utility.☆219Jul 13, 2022Updated 3 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- View handles and object for each object type☆64Sep 1, 2019Updated 6 years ago