chinatiny

IRPMon

The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.

FOKS-TROT

minifilter双缓冲透明加解密过滤驱动

osquery

SQL powered operating system instrumentation, monitoring, and analytics.

Windows-Event-log-Cleaner

Deletes the VirtualBox driver service, clears the USN journal, and cleans up the Windows Event Log by removing event logs.

WinObjEx64

Windows Object Explorer 64-bit

windows-kernel-file-delete

Force a file delete using a windows kernel driver

KDU

Kernel Driver Utility

Hook-KdTrap

Kernel-Bridge

Windows kernel hacking framework, driver template, hypervisor and API written on C++

KernelDwm

Kernel dwm render

FOKS-TROT

It's a minifilter used for transparent-encrypting.

awesome-windows-kernel-security-development

windows kernel security development

openedr

Open EDR public repository

ucxxrt

The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.

phoenix

网易云信跨平台C++开发框架

mud

炎黄文字MUD游戏，请使用 fluffos v2019 驱动

NeteaseUnpackTools

Netease game file decrypt tools.( .npk .nxs .pyc )

CodeRepository

Android示例代码库,工具库

js_shellcode_to_c

convert javascript shellcode to c source code

antispy

AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.

996.ICU

Repo for counting stars and contributing. Press F to pay respect to glorious developers.

AnotherApexDebug

UPGDSED

Universal PatchGuard and Driver Signature Enforcement Disable

Windows-Kernel-Explorer

A free but powerful Windows kernel research tool.