Oxygen1a1

InfinityHook_latest

etw hook (syscall/infinity hook) compatible with the latest Windows version of PG

callstack_spoof

kcrypt

an encryption library designed for Windows kernel and driver programming

oxgenPdb

a Windows kernel Pdb parsing and downloading library that running purely in kernel mode without any R3 programs.

DrvMon

a monitoring windows driver calls kernel api tools

DriverCE

HideProcess

Hide Process

InfinityHookClass

EtwHook for win7-win11;

trashed-vt-syscallhook

Book-Notes-on-Design-and-Implementation-of-a-64-bit-Operating-System

Book Notes on "Design and Implementation of a 64-bit Operating System"

InlineHookClass-x64-x86

类似易语言的超级Hook 可以在任意地址进行Hook 并且返回到Hook的地方

NaotanPdbParser

Very easy to use pdb parsing library with only one header file，You can use it even if you are a fool.

OxygenArk

now it's updating....

Wow64HookServiceTable

This is only a test semi-finished product. the way to get ServiceTable is not compatible. If you want to use it, please improve it.

FlameBro-WinKernel-Study

自己学习火哥写的源码

FindWDK

CMake module for building drivers with Windows Development Kit (WDK)

Simple-Manual-Map-Injector

Simple C++ DLL Manual Map Injector For x86 and x64

awesome-game-security

awesome game security [Welcome to PR]

DragPatch

MFC 实现拖拽补丁

INJECT

D

MemoryModule

A tool to parse and load module in memory, as well as attach a DLL in EXE. Most of the functions are inline, so that it can also be used in shellcode.

Ntoskrnl_Viewer

可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。

blog_test

BranchesTrace

Ollydbg Plugin BranchesTrace

comment

OpenArk

OpenArk is an open source anti-rookit(ARK) tool for Windows.

Oxygen1a1

Config files for my GitHub profile.

OxygenDriver

vt-debuuger

a debugger use vt technology

WindowsCamp

Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&