Some stuff for dealing with Windows processes
Updated Jun 24, 2017 - C++
Single header library to simplify the usage of direct syscalls. x64/x86
Using Undocumented NTDLL Functions to Read/Write/Delete File
Debugger checks in 3 ways
Manual mapping injector
Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
Inline syscalls made for MSVC supporting x64 and WOW64