ntoskrnl · GitHub Topics

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

ntoskrnl windows-kernel hex-rays hex-rays-decompiler

C++ 601

5 个月前

Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.

diff ntoskrnl pdb portable-executable 逆向工程 Web win32 Windows undocumented Next Rust syscalls insider preview

Rust 345

6 天前

ergrelet / resym

Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.

pdb cross-platform Linux 逆向工程 symbols Windows 命令行界面 diff GUI Rust Web ntoskrnl

Rust 319

4 个月前

AndreyBazhan / SymStore

The history of Windows Internals via symbols.

windowsinternals windows-internals Windows internals Kernel symbols ntoskrnl hal ntdll

C 178

4 年前

MiroKaku / Nt-Modules

Collect different versions of Crucial modules.

ntoskrnl win32k ntdll

Batchfile 140

1 年前

0vercl0k / sic

Enumerate user mode shared memory mappings on Windows.

driver vad ntoskrnl shared-memory windows-kernel Windows

C 121

4 年前

DErDYAST1R / NmiCallbackBlocker

Kernel Level NMI Callback Blocker

blocker bypass callback driver Exploit hvci ntoskrnl patchguard Project undetected Windows

C++ 94

10 个月前

dmaivel / ntoseye

Windows kernel debugger for Linux hosts running Windows under KVM/QEMU

gdb kernel-debugger kvm Linux ntoskrnl pdb qemu qemu-kvm windbg Windows disassembler introspection lldb LLVM memory

C++ 83

21 天前

gmh5225 / ntoskrnl_file_collection

Collect various versions of ntoskrnl files

Windows driver version ntoskrnl file collection

1 年前

RomanRybachek / CVE-2024-20698

Analysis of the vulnerability

Common Vulnerabilities and Exposures (CVE)integer-overflow ntoskrnl 逆向工程 Windows vulnerability

C++ 51

1 年前

1hAck-0 / zeroimport

ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.

C++Kernel ntoskrnl Windows Library pe

C++ 47

2 年前

keowu / InstrumentationCallbackToolKit

A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.

anticheat Instrumentation Malware ntoskrnl 逆向工程 syscall Windows

C++ 31

2 年前

rft0 / km-dll-mapper

Kernel Mode DLL Manual Mapper

C C++DLL Injector injector ntoskrnl winapi Windows windows-kernel

C++ 31

7 个月前

DErDYAST1R / eprocess-dkom-unlinking

EPROCESS Unlinking example in "C" using DKOM Manipulation

e link ntoskrnl patchguard process undetected

C++ 9

10 个月前

YukinoHayakawa / Usagi

Game Engine from an ADHDer that will never be finished.

computer-graphics entity-component-system 游戏引擎 ntoskrnl vulkan

C++ 9

6 个月前

vtorres / ntoskrnl-offsets-dumper

Dump ntoskrnl.exe important offsets for building your navigation system in the Windows Kernel, using Radare2 and Rust

byovd ntoskrnl radare2 Rust Windows Kernel

Rust 8

3 年前

krystianbajno / winapi-search

💠 Documented and undocumented WinAPI search.

dll functions symbols winapi Windows ntdll ntoskrnl win32 syscalls

TypeScript 8

7 个月前

DErDYAST1R / PsLoadedModuleList-Dkom-Unlinking

PsLoadedModuleList Unlinking through DKOM Manipulation

list module ntoskrnl patchguard process undetected

1 年前

WindowsDatabase / NtoskrnlStruct

All undocumented ntoskrnl structs crawled from vergiliusproject.com

ntoskrnl Windows windows-kernel

C 3

2 年前

w1redch4d / NTDocs

A mirror of Windows NT Kernel Documentation

ntoskrnl

HTML 1

1 年前