Windows File System Proxy - FUSE for Windows
State-of-the-art native debugging tools
Adversary tradecraft detection, protection, and hunting
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Kernel mode WinDbg extension and PoCs for token privilege investigation.
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
The first Computer Emergency Response (ARK) Tools for young people ;) 年轻人的第一款应急响应(ARK)工具 ;)
Windows Storage Proxy Driver - User mode disk storage
A minimalistic educational hypervisor for Windows on AMD processors.
kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x
C++ STL in the Windows Kernel with C++ Exception Support
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
Tools and PoCs for Windows syscall investigation.
msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to guide fuzzing.
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)