Windows 10 System Programming book samples
☆450Oct 19, 2025Updated 5 months ago
Alternatives and similar repositories for Win10SysProgBookSamples
Users that are interested in Win10SysProgBookSamples are comparing it to the libraries listed below
Sorting:
- The Windows Kernel Programming book samples☆667Sep 25, 2023Updated 2 years ago
- Windows System Explorer☆878Nov 29, 2025Updated 3 months ago
- Samples for the book Windows Kernel Programming, 2nd edition☆373Aug 2, 2025Updated 7 months ago
- Process Monitor X v2☆651Jan 22, 2024Updated 2 years ago
- All reasonably stable tools☆1,402Feb 27, 2026Updated 3 weeks ago
- Native API header files for the System Informer project.☆1,364May 25, 2025Updated 9 months ago
- Windows Object Explorer 64-bit☆1,893Mar 9, 2026Updated last week
- Demo from the Malware Analysis and Development Webinar☆25Apr 17, 2024Updated last year
- My personal cheat sheet for using WinDbg for kernel debugging☆455Apr 17, 2025Updated 11 months ago
- Windows Internals Book 7th edition Tools☆2,693Apr 11, 2024Updated last year
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- Sample extensions, scripts, and API uses for WinDbg.☆814Dec 27, 2025Updated 2 months ago
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,285Feb 14, 2026Updated last month
- A simple example how to decrypt kernel debugger data block☆32Feb 8, 2021Updated 5 years ago
- Windows NT x64 syscall fuzzer☆634Feb 19, 2026Updated last month
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆541Sep 2, 2022Updated 3 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,274May 1, 2024Updated last year
- ☆58Feb 27, 2026Updated 3 weeks ago
- Windows kernel hacking framework, driver template, hypervisor and API written on C++☆1,802Nov 12, 2023Updated 2 years ago
- APC Internals Research Code☆169Jun 28, 2020Updated 5 years ago
- Windows NT Syscall tables☆1,395Dec 31, 2025Updated 2 months ago
- Monitor activity of any driver☆352Nov 2, 2020Updated 5 years ago
- Sysmon-Like research tool for ETW☆387Nov 15, 2022Updated 3 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆321Oct 13, 2024Updated last year
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.☆332Mar 26, 2024Updated last year
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆744Nov 1, 2024Updated last year
- ☆125May 23, 2020Updated 5 years ago
- Research on Windows Kernel Executive Callback Objects☆316Feb 22, 2020Updated 6 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,340Mar 7, 2026Updated 2 weeks ago
- View handles and object for each object type☆65Sep 1, 2019Updated 6 years ago
- Samples from my book Windows Native API programming☆80May 11, 2025Updated 10 months ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆905Nov 21, 2019Updated 6 years ago
- Rendering on external windows via hijacking thread contexts☆406Jun 28, 2020Updated 5 years ago
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆764Apr 24, 2025Updated 10 months ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- C++ Exceptions in Windows Drivers☆222Dec 21, 2020Updated 5 years ago
- Windows System Programming Experiments☆222Jun 13, 2022Updated 3 years ago
- PE Viewer☆212Jan 24, 2026Updated last month
- API Set Viewer☆93Jan 20, 2025Updated last year