Repository navigation

#

windows-internals

taviso/ctftool
taviso / ctftool 

Interactive CTF Exploration Tool

安全逆向工程Windowswindows-internals
C
1661
4 年前
daem0nc0re / TangledWinExec 

PoCs and tools for investigation of Windows process execution techniques

red-team逆向工程Windowswindows-internalswindbg-extension
C#
934
1 个月前
mrexodia / dumpulator 

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

Pythonmalware-analysismalware-researchunicornminidump模拟器x64easy-to-usesandboxcross-platformHacktoberfestMalware逆向工程Windowswindows-internalsdebugging-toolsunpacking
C
826
2 年前
VirtualAlllocEx / DEFCON-31-Syscalls-Workshop 

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

antivirus-bypassantivirus-evasionedr-bypassedr-evasionmalware-developmentwindows-internalsdirect-syscallsindirect-syscallsmalware-analysismalware-development-guideworkshopshellcode-loadersyscallsShell
C
691
3 个月前
diversenok / TokenUniverse 

An advanced tool for working with access tokens and Windows security policy.

Windows安全delphiwindows-internals
Pascal
618
20 天前
Dewera / Lunar 

A lightweight native DLL mapping library that supports mapping directly from memory

dll-injection逆向工程windows-internals
C#
588
2 年前
AlSch092 / UltimateAntiCheat 

UltimateAnticheat is an open source usermode anti-cheat system made to detect and prevent common attack vectors in game cheating (C++, Windows)

anti-cheatanti-debuggingwindows-internalsgame-hackinganticheatC++game-cheat
C++
503
7 天前
JustasMasiulis / nt_wrapper 

A wrapper library around native windows sytem APIs

C++modern-cppwindows-internalssystemlow-level逆向工程Malwareobfuscationsyscall
C++
440
5 年前
ayoubfaouzi / windows-internals 

My notes while studying Windows internals

driver-programmingvirtual-memorydpcwindows-internals
C
435
8 个月前
christophetd / spoofing-office-macro 

🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.

windows-securityprocess-injectionwindows-internals
VBA
381
5 年前
S1ckB0y1337 / TokenPlayer 

Manipulating and Abusing Windows Access Tokens.

Windowswindows-privilege-escalationwindows-internalstokenswindows-securitypentest-toolpost-exploitationlateral-movementuac-bypass
C++
280
5 年前
mrexodia / phnt-single-header 

Single header version of System Informer's phnt library.

nativeprocesshackerSDKsysteminformerwdkWindowswindows-internalsdebugger安全
CMake
227
5 天前
vxcute / WindowsInternals 

Yet another windows internals repo

windows-internals逆向工程
C++
207
4 年前
mentebinaria / fundamentos-engenharia-reversa 

Livro: Engenharia Reversa - Fundamentos e Prática

malware-analysiswindows-internalsWindows逆向工程reversingCwin32Assemblywindows-apilivro
183
1 个月前
AndreyBazhan / SymStore 

The history of Windows Internals via symbols.

windowsinternalswindows-internalsWindowsinternalsKernelsymbolsntoskrnlhalntdll
C
180
4 年前
gabriel-sztejnworcel / pipe-intercept 

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools

interception-toolsnamed-pipeswindows-internalsmitm
Python
176
3 年前
adamhlt / DLL-Injector 

DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector

dll-injectionDLL InjectorpewinapiWindowswindows-internals
C++
157
2 年前
diversenok / NtUtilsLibrary 

Delphi library for system programming on Windows using Native API

delphisystem-programmingWindowswinapiwindows-internals
Pascal
132
4 天前
diversenok / NtTools 

Some random system tools for Windows

Windowswinapisystemwindows-internals
Pascal
114
3 年前
Dewera / Pluto 

A manual system call library that supports functions from both ntdll.dll and win32u.dll

逆向工程syscallwindows-internals
C#
110
2 年前