zodiacon / winnativeapibooksamplesView external linksLinks
Samples from my book Windows Native API programming
☆80May 11, 2025Updated 9 months ago
Alternatives and similar repositories for winnativeapibooksamples
Users that are interested in winnativeapibooksamples are comparing it to the libraries listed below
Sorting:
- ☆27Jul 13, 2025Updated 7 months ago
- Remote Thread Detection with a Kernel Driver☆34Jan 14, 2025Updated last year
- Demo from the Malware Analysis and Development Webinar☆23Apr 17, 2024Updated last year
- Example of building an application verifer DLL☆51Jun 1, 2024Updated last year
- ☆13Aug 17, 2025Updated 5 months ago
- Samples for the book Windows Kernel Programming, 2nd edition☆374Aug 2, 2025Updated 6 months ago
- 基于WFP的小型网络过滤驱动,拦截百度的DNS,感谢公司前辈们的思路与指导。☆14Aug 19, 2021Updated 4 years ago
- Simple x86/x64 Assembler/Disassembler/Emulator☆189Dec 13, 2025Updated 2 months ago
- Work with eBPF on Windows☆44Feb 26, 2025Updated 11 months ago
- Some Code Samples for Windows based Inter-Process-Communication (IPC)☆208Feb 29, 2024Updated last year
- Trace events in real time sessions☆47Aug 25, 2023Updated 2 years ago
- Native API header files for the System Informer project.☆1,343May 25, 2025Updated 8 months ago
- Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC☆27Nov 17, 2018Updated 7 years ago
- Reversing and reimplementing "powercfg /requests" using Native API☆30Jul 25, 2024Updated last year
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆149Jun 16, 2019Updated 6 years ago
- The Windows Kernel Programming book samples☆664Sep 25, 2023Updated 2 years ago
- Call NtCreateUserProcess directly as normal.☆76May 17, 2022Updated 3 years ago
- Windows 10 System Programming book samples☆450Oct 19, 2025Updated 3 months ago
- PE Viewer☆208Jan 24, 2026Updated 3 weeks ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆143May 10, 2022Updated 3 years ago
- Show Window Stations, Desktops and top level windows☆17Jun 10, 2023Updated 2 years ago
- ☆10Jun 24, 2024Updated last year
- Offensive Assembly code snippets.☆13Jul 12, 2023Updated 2 years ago
- ☆14Jul 29, 2024Updated last year
- Demonstrate the behavior of the tunnel cache on Windows☆10Aug 13, 2019Updated 6 years ago
- Windows Filtering Platform Explorer☆325Aug 28, 2025Updated 5 months ago
- ☆58Dec 8, 2025Updated 2 months ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- OSED course preparation materials.☆15May 27, 2021Updated 4 years ago
- Win16 Display Calculator☆11Dec 19, 2018Updated 7 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development☆12Apr 14, 2024Updated last year
- Repo that holds random POCs☆52Jan 8, 2024Updated 2 years ago
- Process Injection using Thread Name☆297Apr 18, 2025Updated 9 months ago
- Simple error lookup for Win32 and NTSTATUS errors☆20Nov 25, 2018Updated 7 years ago
- A simple enhanced class based on .net official FileSystemWatcher☆12Jun 17, 2021Updated 4 years ago
- An example of Windows self-replicating malware.☆11Jan 16, 2023Updated 3 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆17Jun 29, 2024Updated last year
- ☆20Jul 9, 2019Updated 6 years ago
- Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install☆38Dec 28, 2024Updated last year