ntoskrnl
There are 19 repositories under the ntoskrnl topic.
can1357/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
ergrelet/windiff
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
ergrelet/resym
Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
AndreyBazhan/SymStore
The history of Windows Internals via symbols.
MiroKaku/Nt-Modules
Collect different versions of crucial modules.
0vercl0k/sic
Enumerate user mode shared memory mappings on Windows.
dmaivel/ntoseye
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
1hAck-0/zeroimport
ZeroImport is a lightweight and easy-to-use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.
gmh5225/ntoskrnl_file_collection
Collect various versions of ntoskrnl files
RomanRybachek/CVE-2024-20698
Analysis of the vulnerability
i32-Sudo/NmiCallbackBlocker
Kernel Level NMI Callback Blocker
keowu/InstrumentationCallbackToolKit
A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.
rft0/km-dll-mapper
Kernel Mode DLL Manual Mapper
vtorres/ntoskrnl-offsets-dumper
Dump ntoskrnl.exe important offsets for building your navigation system in the Windows Kernel, using Radare2 and Rust
krystianbajno/winapi-search
💠 Documented and undocumented WinAPI search.
i32-Sudo/eprocess-dkom-unlinking
EPROCESS Unlinking example in "C" using DKOM Manipulation
i32-Sudo/PsLoadedModuleList-Dkom-Unlinking
PsLoadedModuleList Unlinking through DKOM Manipulation
WindowsDatabase/NtoskrnlStruct
All undocumented ntoskrnl structs crawled from vergiliusproject.com
w1redch4d/NTDocs
A mirror of Windows NT Kernel Documentation