Interactive CTF Exploration Tool
Updated Sep 17, 2021 - C
PoCs and tools for investigation of Windows process execution techniques
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
A lightweight native DLL mapping library that supports mapping directly from memory
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
An advanced tool for working with access tokens and Windows security policy.
A wrapper library around native Windows system APIs
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
My notes while studying Windows internals
Manipulating and Abusing Windows Access Tokens.
The history of Windows Internals via symbols.
Book: Engenharia Reversa - Fundamentos e Prática (Reverse Engineering: Fundamentals and Practice)
Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools
UltimateAntiCheat is a free & open source usermode anti-cheat system made to detect and prevent common attack vectors in game hacking
Single header version of System Informer's phnt library.
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
A manual system call library that supports functions from both ntdll.dll and win32u.dll
Some random system tools for Windows
Delphi library for system programming on Windows using Native API