ntoskrnl
There are 16 repositories under ntoskrnl topic.
can1357/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
ergrelet/windiff
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
ergrelet/resym
Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
AndreyBazhan/SymStore
The history of Windows Internals via symbols.
MiroKaku/Nt-Modules
Collect different versions of Crucial modules.
0vercl0k/sic
Enumerate user mode shared memory mappings on Windows.
RomanRybachek/CVE-2024-20698
Analysis of the vulnerability
1hAck-0/zeroimport
ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.
keowu/InstrumentationCallbackToolKit
A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.
i32-Sudo/NmiCallbackBlocker
Kernel Level NMI Callback Blocker
i32-Sudo/eprocess-dkom-unlinking
EPROCESS Unlinking example in "C" using DKOM Manipulation
krystianbajno/winapi-search
💠 WinAPI Search helps to find documented and undocumented functions in WinAPI - search by DLL name, function name, return type, and parameters.
vtorres/ntoskrnl-offsets-dumper
Dump ntoskrnl.exe important offsets for building your navigation system in the Windows Kernel, using Radare2 and Rust
WindowsDatabase/NtoskrnlStruct
All undocumented ntoskrnl structs crawled from vergiliusproject.com
i32-Sudo/PsLoadedModuleList-Dkom-Unlinking
PsLoadedModuleList Unlinking through DKOM Manipulation
w1redch4d/NTDocs
A mirror of Windows NT Kernel Documentation