There are 24 repositories under the windows-kernel topic.
A modern tool for Windows kernel exploration and tracing with a focus on security
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Kernel mode WinDbg extension and PoCs for token privilege investigation.
kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x
Tools and PoCs for Windows syscall investigation.
SimpleSvmHook is a research-purpose hypervisor for Windows on AMD processors.
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
A native hypervisor designed for the Windows operating system
masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
Targeting Windows Kernel Driver Fuzzer
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload on Windows 10 20H2.
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
Android Memory Tools written in Python for reading and writing process RAM data on Android, Linux and Windows OSes.
improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
Example Windows Kernel-mode Driver which enumerates running processes.
CSharp Writeups for HackSys Extreme Vulnerable Driver
🔍 Code to read / write the Process Memory from the Kernel 🔧
Call arbitrary Windows kernel-mode functions from Python on another machine
Driver demonstrating how to register a DPC to asynchronously wait on an object
Experimental: A Rust library to monitor filesystem 🪛 and more in Windows
call gates as stable communication channel for NT x86 and Linux x86_64
short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-)