AMSI bypass techniques and tools (updated Mar 22, 2023; PowerShell)
A DLL injection of RdpThief.dll to perform API hooking and extract RDP credentials
Microsoft Developer Blogs Search Tool
Introducing the EPROCESS struct and demonstrating some of the effects it may have on the system
List of ConDrv IOCTL codes
WinDBG notes and commands cheatsheet
POC project to demonstrate how to make a process (or a thread) critical. If such a process (or thread) is terminated, this will cause a BSOD.
Solutions to Windows Kernel Programming exercises by Pavel Yosifovich
Standard and DLL Manual Mapping
LeakGuard is a project to prevent the use of leaked passwords.
Just another process dumping tool for Windows, supporting network delivery and snapshots
Basic implementation of the Windows loader in Rust
OBOE - Origami Binary for Objects and Executables
In this repo I will try to talk about Windows internals and try to summarize the course.
Read and edit an external application's memory address space with ease (Windows OS)
Hollow is a tool for implementing the process hollowing technique.
PE32+ / 64-bit / LoadLibrary without imports table.
Little tool and (header-only lib) to investigate Windows Internals. Shout out to @zodiacon. No pull requests (this is actually a mirrored Mercurial repo).