Interactive CTF Exploration Tool
-
Updated
Sep 17, 2021 - C
Interactive CTF Exploration Tool
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
PoCs and tools for investigation of Windows process execution techniques
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
A lightweight native DLL mapping library that supports mapping directly from memory
An advanced tool for working with access tokens and Windows security policy.
A wrapper library around native windows sytem APIs
My notes while studying Windows internals
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
UltimateAntiCheat is an open source usermode anti-cheat system made to detect and prevent common attack vectors in game hacking (C++, Windows)
Manipulating and Abusing Windows Access Tokens.
Single header version of System Informer's phnt library.
The history of Windows Internals via symbols.
Livro: Engenharia Reversa - Fundamentos e Prática
Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools
Delphi library for system programming on Windows using Native API
DLL Injector (LoadLibrary) in C++ (x86 / x64) - LoadLibrary DLL injector
A manual system call library that supports functions from both ntdll.dll and win32u.dll
Add a description, image, and links to the windows-internals topic page so that developers can more easily learn about it.
To associate your repository with the windows-internals topic, visit your repo's landing page and select "manage topics."