windowsinternals

The history of Windows Internals via symbols.

CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers

Windows Kernel Programming

WNF Utilities 4 Newbies (WNFUN)

A ProcMon-esque tool for monitoring Windows Kernel Drivers

Modern C++ wrapper for Windows PE signature verification mechanism

KNSoft.NDK provides native C/C++ definitions and import libraries for Windows NT and some specifications.

Repo contains POCs taken from the course Malware Development 1: The Basics and its succeeding Malware Development 2: Advanced Techniques

Practical Reverse Engineering Exercises

Useful PDFs to learn Reverse engineering, Assembly, C and Windows Internals.

This is a simple Kernel Driver that removes the annoying flashbang effect in CS2 by modifying the flash duration ! It works using IOCTL communication for smooth and efficient memory manipulation. ⚡😎

Implementation of the Process Hollowing technique for process injection (This is the third of three methods in the series)

Implementation of the Process Hollowing technique for process injection (This is the first of three methods in the series)

Implementation of the Process Hollowing technique for process injection (This is the second of three methods in the series)

This is a dumping zone for random things which I tend to forget or stumble upon doing some stuff. Stuff related to windows internals, debugging, security and computers.

Implementation of the Process Injection technique for DLL file injection