Giters
yardenshafir

yardenshafir

Geek Repo

670

followers

1

following

2

stars

Company:https://windows-internals.com/

Home Page:https://medium.com/@yardenshafir2

Twitter:@yarden_shafir

Github PK Tool:Github PK Tool

yardenshafir's repositories

WinDbg_Scripts

Useful scripts for WinDbg using the debugger data model

Language:JavaScriptStargazers:358Issues:20Issues:1

IoRingReadWritePrimitive

Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2

Language:C++License:MITStargazers:215Issues:5Issues:1

PoolViewer

An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.

Language:C++License:MITStargazers:120Issues:6Issues:6

CVE-2020-1034

PoC demonstrating the use of cve-2020-1034 for privilege escalation

Language:C++Stargazers:112Issues:6Issues:0

SymlinkCallback

A driver that hooks C: volume using symbolic link callback to track all FS access to the volume

Language:C++Stargazers:99Issues:9Issues:0

cet-research

A collection of tools, source code, and papers researching Windows' implementation of CET.

Language:CStargazers:68Issues:9Issues:1

KernelDataStructureFinder

Driver and WinDBG scripts to dump information about all resources and lookaside lists

Language:C++Stargazers:63Issues:5Issues:0

DpcWait

Driver demonstrating how to register a DPC to asynchronously wait on an object

Language:C++Stargazers:43Issues:4Issues:0

InformationClasses

Documenting system information classes and their uses

Stargazers:41Issues:5Issues:0

IoRing_Demos

A repository for I/O ring demos, use cases and performance testing on Windows

Language:C++License:GPL-3.0Stargazers:38Issues:4Issues:4

MitigationFlagsCliTool

Command like tool to print mitigation flags for running processes in a memory dump

Language:C++Stargazers:36Issues:3Issues:0

conference_talks

Slides from various conference talks

Stargazers:35Issues:5Issues:0

CallbackObjectAnalyzer

Dumps information about all the callback objects found in a dump file and the functions registered for them

Language:C++Stargazers:32Issues:6Issues:0

rewolf-wow64ext

Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.

Language:C++Stargazers:7Issues:1Issues:0

s1dbg

windbg extension that does stuff

Language:C++Stargazers:5Issues:2Issues:0

LOLDrivers

Living Off The Land Drivers

Language:YARALicense:Apache-2.0Stargazers:4Issues:0Issues:0

HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Windows Driver

Language:CLicense:NOASSERTIONStargazers:1Issues:1Issues:0

WinObjEx64

Windows Object Explorer 64-bit

License:BSD-2-ClauseStargazers:1Issues:0Issues:0

BlogHyperV

Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/

Language:C++License:GPL-3.0Stargazers:0Issues:1Issues:0

ntdiff

Language:PythonStargazers:0Issues:1Issues:0

ObjectListView

A mirror of the ObjectListView library

Language:C#License:GPL-3.0Stargazers:0Issues:1Issues:0

vcpkg

C++ Library Manager for Windows, Linux, and MacOS

Language:CMakeLicense:NOASSERTIONStargazers:0Issues:1Issues:0

winsdk-10

Language:C++Stargazers:0Issues:1Issues:0