A wrapper library around native Windows system APIs
Updated Feb 2, 2021 - C++
Manipulating and Abusing Windows Access Tokens.
Research project - make an anti-cheat to detect: memory editing, debugging, injected modules, test signing mode, etc
DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector
Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB
PoC for detecting and dumping code injection (built and extended on UnRunPE)
PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports
Driver demonstrating how to register a DPC to asynchronously wait on an object
A class to gather information about a process, its threads and modules.
A small library to extend the functionality of GetModuleHandle and GetProcAddress to other processes
Shellcode execution via x86 inline assembly based on MSVC syntax
Little tool and (header-only lib) to investigate Windows Internals. Shout out to @zodiacon. No pull requests (this is actually a mirrored Mercurial repo).
Nidhogg is an all-in-one, simple-to-use rootkit for red teams.
PlugProtector is a security project that safeguards a system's USB ports from untrusted devices
Standard and DLL Manual Mapping
POC project to demonstrate how to make a process (or a thread) critical. If such a process (or thread) is terminated, this will cause a BSOD.