Pinned Repositories
DataptrHooks
ntoskrnl .data hooks for UM-KM communication
FileHide
filter driver to hide files and directories
GhostMapperUM
manual map unsigned driver over signed memory
KDP-compatible-driver-loader
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
KernelInjector
PoC kernel to usermode injection
KeystrokeSniffer
a Windows kernel keylogger that works
MinifilterHook
silence file system monitoring components by hooking their minifilters
RansomGuard
anti-ransomware file-system filter
WFPCalloutReserach
research revolving around the Windows Filtering Platform callout mechanism
EDRSandblast
0mWindyBug's Repositories
0mWindyBug/GhostMapperUM
manual map unsigned driver over signed memory
0mWindyBug/KDP-compatible-driver-loader
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
0mWindyBug/KernelInjector
PoC kernel to usermode injection
0mWindyBug/MinifilterHook
silence file system monitoring components by hooking their minifilters
0mWindyBug/RansomGuard
anti-ransomware file-system filter
0mWindyBug/DataptrHooks
ntoskrnl .data hooks for UM-KM communication
0mWindyBug/WFPCalloutReserach
research revolving around the Windows Filtering Platform callout mechanism
0mWindyBug/KeystrokeSniffer
a Windows kernel keylogger that works
0mWindyBug/FileHide
filter driver to hide files and directories
0mWindyBug/PnpNotifyResearch
a driver to enumerate registered PnP callbacks for a particular interface class, based on reversing IoRegisterPlugPlayNotification
0mWindyBug/BackupFilter
backup your documents
0mWindyBug/EventPic
messing around with pic and events
0mWindyBug/shellcodes
Windows Shellcodes
0mWindyBug/AsyncIo
asynchronous ioctl completion sample
0mWindyBug/egghunters
Windows SEH based egghunter
0mWindyBug/0mWindyBug.github.io
0mWindyBug/cpp