AMSI bypass techniques and tools
Updated Mar 22, 2023 - PowerShell
A DLL injection of RdpThief.dll to perform API hooking and extract RDP credentials
Microsoft Developer Blogs Search Tool
Introducing the Eprocess struct and demonstrating some of the effects it may have on the system
List of ConDrv IOCTL codes
WinDBG notes and commands cheatsheet
Solutions to Windows Kernel Programming exercises by Pavel Yosifovich
POC project to demonstrate how to make a process (or a thread) critical. If such process (or thread) is terminated, this will cause a BSOD.
Standard and DLL Manual Mapping
Basic implementation of the Windows loader in Rust
LeakGuard is a project to prevent the use of leaked passwords.
Just another process dumping tool for Windows, supporting network delivery and snapshots
OBOE - Origami Binary for Objects and Executables
In this repo I will try to talk about Windows internals and try to summarize the course.
Read and edit an external application's memory address space with ease (Windows OS)
Hollow is a tool for implementing the process hollowing technique.
Nidhogg is an all-in-one simple to use rootkit for red teams.