Samples from my book Windows Native API programming
☆79May 11, 2025Updated 9 months ago
Alternatives and similar repositories for winnativeapibooksamples
Users that are interested in winnativeapibooksamples are comparing it to the libraries listed below
Sorting:
- ☆27Jul 13, 2025Updated 7 months ago
- Remote Thread Detection with a Kernel Driver☆34Jan 14, 2025Updated last year
- Demo from the Malware Analysis and Development Webinar☆25Apr 17, 2024Updated last year
- Example of building an application verifer DLL☆51Jun 1, 2024Updated last year
- ☆13Aug 17, 2025Updated 6 months ago
- Samples for the book Windows Kernel Programming, 2nd edition☆373Aug 2, 2025Updated 7 months ago
- 基于WFP的小型网络过滤驱动,拦截百度的DNS,感谢公司前辈们的思路与指导。☆14Aug 19, 2021Updated 4 years ago
- Simple x86/x64 Assembler/Disassembler/Emulator☆188Dec 13, 2025Updated 2 months ago
- Work with eBPF on Windows☆44Feb 26, 2025Updated last year
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆209Feb 29, 2024Updated 2 years ago
- Trace events in real time sessions☆47Aug 25, 2023Updated 2 years ago
- Native API header files for the System Informer project.☆1,351May 25, 2025Updated 9 months ago
- Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC☆27Nov 17, 2018Updated 7 years ago
- Reversing and reimplementing "powercfg /requests" using Native API☆30Jul 25, 2024Updated last year
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆149Jun 16, 2019Updated 6 years ago
- The Windows Kernel Programming book samples☆666Sep 25, 2023Updated 2 years ago
- Windows 10 System Programming book samples☆450Oct 19, 2025Updated 4 months ago
- PE Viewer☆210Jan 24, 2026Updated last month
- Call NtCreateUserProcess directly as normal.☆77May 17, 2022Updated 3 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆144May 10, 2022Updated 3 years ago
- ☆11Jun 24, 2024Updated last year
- Show Window Stations, Desktops and top level windows☆17Jun 10, 2023Updated 2 years ago
- Demonstrate the behavior of the tunnel cache on Windows☆11Aug 13, 2019Updated 6 years ago
- Offensive Assembly code snippets.☆13Jul 12, 2023Updated 2 years ago
- ☆14Jul 29, 2024Updated last year
- Windows Filtering Platform Explorer☆330Aug 28, 2025Updated 6 months ago
- ☆58Feb 27, 2026Updated last week
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development☆12Apr 14, 2024Updated last year
- Win16 Display Calculator☆11Dec 19, 2018Updated 7 years ago
- OSED course preparation materials.☆15May 27, 2021Updated 4 years ago
- Repo that holds random POCs☆52Jan 8, 2024Updated 2 years ago
- Process Injection using Thread Name☆299Apr 18, 2025Updated 10 months ago
- Simple error lookup for Win32 and NTSTATUS errors☆20Nov 25, 2018Updated 7 years ago
- A simple enhanced class based on .net official FileSystemWatcher☆12Jun 17, 2021Updated 4 years ago
- ☆20Jul 9, 2019Updated 6 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆18Jun 29, 2024Updated last year
- An example of Windows self-replicating malware.☆11Jan 16, 2023Updated 3 years ago
- INF Studio for easier working with driver installation files☆39Nov 11, 2023Updated 2 years ago