windows-kernel

Windows File System Proxy - FUSE for Windows

State-of-the-art native debugging tools

Adversary tradecraft detection, protection, and hunting

Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

SoftICE-like kernel debugger for Windows 11

Kernel mode WinDbg extension and PoCs for token privilege investigation.

The first Computer Emergency Response (ARK) Tools for young people ;) 　　　　　　　　　　　　　　　　　　　　　　年轻人的第一款应急响应(ARK)工具 ；）

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

A minimalistic educational hypervisor for Windows on AMD processors.

kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x

Windows Storage Proxy Driver - User mode disk storage

SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.

C++ STL in the Windows Kernel with C++ Exception Support

The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks

Tools and PoCs for Windows syscall investigation.

msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to guide fuzzing.

C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL

C# Utilities for Windows Notification Facility

masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)