Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
-
Updated
Feb 22, 2024 - C++
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
The history of Windows Internals via symbols.
Enumerate user mode shared memory mappings on Windows.
Analysis of the vulnerability
A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.
All undocumented ntoskrnl structs crawled from vergiliusproject.com
A mirror of Windows NT Kernel Documentation
PsLoadedModuleList Unlinking through DKOM Manipulation
Add a description, image, and links to the ntoskrnl topic page so that developers can more easily learn about it.
To associate your repository with the ntoskrnl topic, visit your repo's landing page and select "manage topics."