windows-kernel
There are 86 repositories under the windows-kernel topic.
winfsp/winfsp
Windows File System Proxy - FUSE for Windows
HyperDbg/HyperDbg
State-of-the-art native debugging tools
rabbitstack/fibratus
Adversary tradecraft detection, protection, and hunting
tandasat/HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
vitoplantamura/BugChecker
SoftICE-like kernel debugger for Windows 11
daem0nc0re/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
QAX-Anti-Virus/QDoctor
The first Computer Emergency Response (ARK) Tools for young people ;)
can1357/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
tandasat/SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.
tandasat/SimpleSvmHook
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
KelvinMsft/kHypervisor
kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x
jxy-s/stlkrn
C++ STL in the Windows Kernel with C++ Exception Support
winfsp/winspd
Windows Storage Proxy Driver - User mode disk storage
MiroKaku/ucxxrt
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
VoidSec/DriverBuddyReloaded
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
daem0nc0re/AtomicSyscall
Tools and PoCs for Windows syscall investigation.
0dayResearchLab/msFuzz
msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to guide fuzzing.
ntoskrnl7/crtsys
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
daem0nc0re/SharpWnfSuite
C# Utilities for Windows Notification Facility
therealdreg/masm32-kernel-programming
masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
0vercl0k/sic
Enumerate user mode shared memory mappings on Windows.
amiryeshurun/HyperWin
A native hypervisor designed for the Windows operating system
KiFilterFiberContext/windows-software-policy
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
Th3Spl/IoCreateDriver
IoCreateDriver Implementation, it can be useful if you're trying to bypass anticheats
SoftSec-KAIST/NTFuzz
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
IDouble/Kernel-Memory-Reading-Writing
🔍 Code to read / write the Process Memory from the Kernel 🔧
Anonym0usWork1221/android-memorytool
Android Memory Tools written in Python for reading and writing process RAM data on Android, Linux and Windows OSes.
danielkrupinski/KernelProcessList
Example Windows Kernel-mode Driver which enumerates running processes.
loneicewolf/smbdoor
improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
yardenshafir/DpcWait
Driver demonstrating how to register a DPC to asynchronously wait on an object
daem0nc0re/HEVD-CSharpKernelPwn
CSharp Writeups for HackSys Extreme Vulnerable Driver
SilverTuxedo/keval
Call arbitrary Windows kernel-mode functions from Python on another machine
rft0/km-dll-mapper
Kernel Mode DLL Manual Mapper
Ap3x/Panoptes
Panoptes Endpoint Detection and Response Solution
SubconsciousCompute/fsfilter-rs
Experimental: A rust library to monitor filesystem 🪛 and more in windows