Pinned Repositories
antispy
AntiSpy is a free but powerful anti-virus and anti-rootkit toolkit. It runs with the highest privileges so it can detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
findpg
Windbg extension to find PatchGuard pages
IRPMon
The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only modifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.
lcxl-shadow
LCXL Shadow System
miwifi
Kernel, Toolchain ... of Xiaomi Router R1D
mona
Corelan Repository for mona.py
NtosKrnlWin.github.io
Jekyll Theme
PyAna
PyAna - Analyzing the Windows shellcode
PythonForWindows
A codebase aimed to make interaction with Windows and native execution easier
xsock
xsock is a TCP data transfer tool, modified from https://github.com/Lykan-sec/LCX
NtosKrnlWin's Repositories
NtosKrnlWin/antispy
AntiSpy is a free but powerful anti-virus and anti-rootkit toolkit. It runs with the highest privileges so it can detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
NtosKrnlWin/findpg
Windbg extension to find PatchGuard pages
NtosKrnlWin/IRPMon
The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only modifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.
NtosKrnlWin/lcxl-shadow
LCXL Shadow System
NtosKrnlWin/miwifi
Kernel, Toolchain ... of Xiaomi Router R1D
NtosKrnlWin/mona
Corelan Repository for mona.py
NtosKrnlWin/NtosKrnlWin.github.io
Jekyll Theme
NtosKrnlWin/PyAna
PyAna - Analyzing the Windows shellcode
NtosKrnlWin/PythonForWindows
A codebase aimed to make interaction with Windows and native execution easier
NtosKrnlWin/SwishDbgExt
Incident Response & Digital Forensics Debugging Extension
NtosKrnlWin/Sysmon_reverse
NtosKrnlWin/test
NtosKrnlWin/ufgraph
NtosKrnlWin/unitracer
Windows API tracer for malware
NtosKrnlWin/UPGDSED
Universal PatchGuard and Driver Signature Enforcement Disable
NtosKrnlWin/vmdetector
Automatically exported from code.google.com/p/vmdetector
NtosKrnlWin/vmdetectorsys
Automatically exported from code.google.com/p/vmdetectorsys
NtosKrnlWin/wdbgark
WinDBG Anti-RootKit Extension
NtosKrnlWin/windows-syscall-table
Windows syscall table from XP through 10 RS4
NtosKrnlWin/windows_syscalls_dumper
A dirty IDAPython script to dump windows system call number/name pairs as JSON
NtosKrnlWin/WinObjEx64
Windows Object Explorer 64-bit
NtosKrnlWin/Winpayloads
Undetectable Windows Payload Generation
NtosKrnlWin/xsock
xsock is a TCP data transfer tool, modified from https://github.com/Lykan-sec/LCX