A wrapper library around native Windows system APIs
Updated Feb 2, 2021 - C++
Manipulating and Abusing Windows Access Tokens.
Driver demonstrating how to register a DPC to asynchronously wait on an object
DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector
PoC for detecting and dumping code injection (built and extended on UnRunPE)
PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports
UltimateAntiCheat is a free & open source usermode anti-cheat system made to detect and prevent common attack vectors in game hacking
Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB
A class to gather information about a process, its threads and modules.
A small library to extend the functionality of GetModuleHandle and GetProcAddress to other processes
Shellcode execution via x86 inline assembly based on MSVC syntax
Nidhogg is an all-in-one simple to use rootkit for red teams.
Little tool and (header-only lib) to investigate Windows Internals. Shout out to @zodiacon. No pull requests (this is actually a mirrored Mercurial repo).
A DLL injection of RdpThief.dll to perform API hooking and extract RDP credentials
PoC for Bypassing DACL in Windows with DuplicateHandle
PoC project to demonstrate how to make a process (or a thread) critical. If such a process (or thread) is terminated, this will cause a BSOD.