An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: windbg

alphaSeclab/awesome-reverse-engineering

Reverse Engineering Resources About All Platforms (Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts & videos)

Size: 1.25 MB - Last synced at: about 13 hours ago - Pushed at: over 3 years ago - Stars: 4,637 - Forks: 874

snare/voltron

A hacky debugger UI for hackers

Language: Python - Size: 1.63 MB - Last synced at: 3 days ago - Pushed at: 3 months ago - Stars: 6,253 - Forks: 414

arizvisa/dotfiles

everyone does it, i guess it's about time i did as well. :)

Language: Vim Script - Size: 1.35 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 7 - Forks: 1

microsoft/DbgShell

A PowerShell front-end for the Windows debugger engine.

Language: C# - Size: 2.15 MB - Last synced at: 5 days ago - Pushed at: about 1 year ago - Stars: 684 - Forks: 89

repnz/windbg-cheat-sheet

My personal cheat sheet for using WinDbg for kernel debugging

Language: JavaScript - Size: 274 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 414 - Forks: 63

daem0nc0re/PrivFu

Kernel mode WinDbg extension and PoCs for token privilege investigation.

Language: C# - Size: 12.8 MB - Last synced at: 11 days ago - Pushed at: 3 months ago - Stars: 845 - Forks: 121

hfiref0x/WinObjEx64

Windows Object Explorer 64-bit

Language: C - Size: 18.4 MB - Last synced at: 14 days ago - Pushed at: 18 days ago - Stars: 1,734 - Forks: 295

0vercl0k/windbg-scripts

A bunch of JavaScript extensions for WinDbg.

Language: JavaScript - Size: 61.5 KB - Last synced at: 13 days ago - Pushed at: 5 months ago - Stars: 333 - Forks: 47

dshikashio/Pybag

Python module for Windbg's dbgeng plus additional wrappers.

Language: C - Size: 790 KB - Last synced at: 5 days ago - Pushed at: about 1 month ago - Stars: 63 - Forks: 16

dmaivel/ntoseye

Windows kernel debugger for Linux hosts running Windows under KVM/QEMU

Language: C++ - Size: 92.8 KB - Last synced at: 16 days ago - Pushed at: 6 months ago - Stars: 73 - Forks: 10

Dynatrace/superdump

A service for automated crash-dump analysis

Language: C# - Size: 12.7 MB - Last synced at: 21 days ago - Pushed at: 9 months ago - Stars: 521 - Forks: 76

yardenshafir/WinDbg_Scripts

Useful scripts for WinDbg using the debugger data model

Language: JavaScript - Size: 1.78 MB - Last synced at: 20 days ago - Pushed at: about 1 year ago - Stars: 407 - Forks: 67

hugsy/defcon_27_windbg_workshop

DEFCON 27 workshop - Modern Debugging with WinDbg Preview

Language: Python - Size: 76.3 MB - Last synced at: 12 days ago - Pushed at: 6 months ago - Stars: 720 - Forks: 129

0vercl0k/kdmp-parser-rs

A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.

Language: Rust - Size: 900 KB - Last synced at: 18 days ago - Pushed at: 3 months ago - Stars: 34 - Forks: 6

arvindshmicrosoft/SQLCallStackResolver

Supporting files for the main SQLCallStackResolver sample tool (https://aka.ms/SQLStack)

Size: 24.1 MB - Last synced at: 18 days ago - Pushed at: 28 days ago - Stars: 57 - Forks: 10

0vercl0k/snapshot

WinDbg extension written in Rust to dump the CPU / memory state of a running VM

Language: Rust - Size: 109 KB - Last synced at: 20 days ago - Pushed at: 6 months ago - Stars: 116 - Forks: 7

lowleveldesign/debug-recipes

My notes on software troubleshooting, covering debugging and tracing techniques and tools. Available at wtrace.net.

Language: HTML - Size: 15.2 MB - Last synced at: 19 days ago - Pushed at: 3 months ago - Stars: 333 - Forks: 71

0vercl0k/kdmp-parser

A Windows kernel dump C++ parser library with Python 3 bindings.

Language: C++ - Size: 608 KB - Last synced at: 20 days ago - Pushed at: 10 months ago - Stars: 199 - Forks: 29

irql/nokd

reverse engineering of the windows nt kernel debugger protocol & reimplementation.

Language: C - Size: 343 KB - Last synced at: 3 days ago - Pushed at: 10 months ago - Stars: 23 - Forks: 9

fremag/MemoScope.Net

Dump and analyze .Net applications memory ( a gui for WinDbg and ClrMd )

Language: C# - Size: 3.67 MB - Last synced at: 16 days ago - Pushed at: almost 5 years ago - Stars: 693 - Forks: 75

mrexodia/lolbin-poc

Small PoC of using a Microsoft signed executable as a lolbin.

Language: C++ - Size: 5.86 KB - Last synced at: 24 days ago - Pushed at: about 2 years ago - Stars: 136 - Forks: 16

kevingosse/windbg-extensions

Extensions for the new WinDbg

Language: HTML - Size: 15.8 MB - Last synced at: about 8 hours ago - Pushed at: about 2 years ago - Stars: 99 - Forks: 15

yanglr/advDotnetDebugging

Source code for advanced .NET Debugging.

Language: C# - Size: 92.6 MB - Last synced at: 20 days ago - Pushed at: about 4 years ago - Stars: 30 - Forks: 18

tinysec/rtypes

A simple but useful project that may help you reverse Windows.

Language: C - Size: 148 KB - Last synced at: 23 days ago - Pushed at: about 1 year ago - Stars: 36 - Forks: 2

southpolenator/SharpDebug

C# debugging automation tool

Language: C# - Size: 30.9 MB - Last synced at: 12 days ago - Pushed at: over 2 years ago - Stars: 94 - Forks: 27

SeanCline/PyExt

WinDbg Extensions for Python

Language: C++ - Size: 364 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 81 - Forks: 15

gh057mz/Common-kExp-code-snippets

Windows kernel exploitation code snippets and techniques

Language: C - Size: 36.1 KB - Last synced at: 3 days ago - Pushed at: 6 months ago - Stars: 3 - Forks: 0

Evulpes/Reverse-Me

Reverse engineering write-up of an application containing an encrypted message.

Language: C++ - Size: 76.2 KB - Last synced at: 3 days ago - Pushed at: over 4 years ago - Stars: 8 - Forks: 3

f1zm0/WinDBG-Cheatsheet

WinDBG notes and commands cheatsheet

Size: 23.4 KB - Last synced at: about 2 months ago - Pushed at: about 3 years ago - Stars: 5 - Forks: 0

JKornev/cfgdump

Windbg extension that allows you to analyze the Control Flow Guard map

Language: C++ - Size: 17.6 KB - Last synced at: 6 days ago - Pushed at: over 3 years ago - Stars: 34 - Forks: 9

SweetIceLolly/Prevent_Process_Creation

Record & prevent process creation in kernel mode

Language: C - Size: 6.84 KB - Last synced at: 15 days ago - Pushed at: over 3 years ago - Stars: 42 - Forks: 13

tinysec/jswd

javascript extension of windbg for hacker.

Language: C++ - Size: 161 KB - Last synced at: 23 days ago - Pushed at: almost 2 years ago - Stars: 15 - Forks: 4

nop-tech/code_caver

Python based WinDbg script to automate the search for code caves in binaries and libraries.

Language: Python - Size: 41 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 40 - Forks: 8

therealdreg/shellex

C-shellcode to hex converter, handy tool for paste & execute shellcodes in IDA PRO, gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor

Language: C - Size: 23 MB - Last synced at: 24 days ago - Pushed at: over 1 year ago - Stars: 115 - Forks: 23

yottaawesome/basic-windows-drivers

Basic experimentation with Windows drivers.

Language: C++ - Size: 323 KB - Last synced at: 8 days ago - Pushed at: about 2 years ago - Stars: 14 - Forks: 7

CrowdStrike/drawmeatree

Tool to visualize the output of the WinDbg "wt" command as customizable graphic trees, to facilitate reverse engineering.

Language: Python - Size: 1.69 MB - Last synced at: about 1 month ago - Pushed at: 5 months ago - Stars: 4 - Forks: 0

ErezAmihud/WindowsSymbolsByVersion

Mapping of windows symbols, build to manifest

Language: Python - Size: 30.6 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

chrisnas/DebuggingExtensions

Host of debugging-related extensions such as post-mortem tools or WinDBG extensions

Language: C# - Size: 4.44 MB - Last synced at: 5 days ago - Pushed at: over 3 years ago - Stars: 215 - Forks: 21

hugsy/windbg_js_scripts

Toy scripts for playing with WinDbg JS API

Language: JavaScript - Size: 348 KB - Last synced at: 6 months ago - Pushed at: 10 months ago - Stars: 219 - Forks: 40

vallejocc/Reverse-Engineering-Arsenal

Useful Scripts for helping in reverse engineering

Language: Python - Size: 981 KB - Last synced at: 5 months ago - Pushed at: over 4 years ago - Stars: 182 - Forks: 50

pstolarz/dumpext 📦

WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both 32 (PE) and 64-bit (PE+) platforms.

Language: C++ - Size: 166 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 83 - Forks: 32

Laurie0131/EDK_II_UDK_Debugger_pres

EDK II Source Level Debugging with the Intel® UEFI Development Kit Debugger (UDK Debugger)

Language: CSS - Size: 16.3 MB - Last synced at: about 2 months ago - Pushed at: about 5 years ago - Stars: 3 - Forks: 0

SeanCline/PythonSymbols

A WinDbg symbol server for all recent versions of CPython.

Language: Python - Size: 2.46 GB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 24 - Forks: 0

hugsy/hevd

Public repository for HEVD exploits

Language: C - Size: 434 KB - Last synced at: 15 days ago - Pushed at: almost 7 years ago - Stars: 20 - Forks: 6

swwwolf/wdbgark

WinDBG Anti-RootKit Extension

Language: C++ - Size: 2.94 MB - Last synced at: 9 months ago - Pushed at: over 4 years ago - Stars: 611 - Forks: 178

shenxiaolong-code/sourceIndex_forGit

debug tools : windbg source index solution for git projects (source slower, debug faster)

Language: Batchfile - Size: 48.8 KB - Last synced at: 5 months ago - Pushed at: almost 3 years ago - Stars: 15 - Forks: 7

schwindelig/postmortem

:skull: :fire: :snowflake: A basic analyzer for memory dumps containing managed code

Language: C# - Size: 495 KB - Last synced at: about 8 hours ago - Pushed at: over 2 years ago - Stars: 5 - Forks: 1

Therena/WindowsDevelopmentShellTools

Powershell commandlets for software development on the Microsoft Windows operating system

Language: PowerShell - Size: 50.8 KB - Last synced at: 9 months ago - Pushed at: almost 5 years ago - Stars: 7 - Forks: 2

therealdreg/windbgtocstruct

Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if needed

Language: Python - Size: 22.5 KB - Last synced at: 22 days ago - Pushed at: over 1 year ago - Stars: 26 - Forks: 8

Cr4sh/openreil 📦

Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language)

Language: C - Size: 13.2 MB - Last synced at: 11 months ago - Pushed at: almost 4 years ago - Stars: 494 - Forks: 76

tandasat/hvext

The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.

Language: JavaScript - Size: 123 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 110 - Forks: 13

KelvinMsft/kHypervisor

kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x

Language: C++ - Size: 16.2 MB - Last synced at: 11 months ago - Pushed at: over 3 years ago - Stars: 373 - Forks: 128

Faran-17/Windows-Internals

Important notes and topics on my journey towards mastering Windows Internals

Language: C++ - Size: 228 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 305 - Forks: 48

rifatx/DnExt

Managed WinDbg extension for .NET framework

Language: C# - Size: 467 KB - Last synced at: about 1 year ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 1

bulentkazanci/Cheat-Sheet-Windbg

A practical guide to analyze memory dumps of .Net applications by using Windbg

Size: 11.7 KB - Last synced at: about 1 year ago - Pushed at: almost 5 years ago - Stars: 4 - Forks: 0

sukesh-ak/AutoDebug

Simple Debugger to run Windbg Commands and also query .NET CLR Runtime data in C#

Language: C# - Size: 41 KB - Last synced at: 12 months ago - Pushed at: almost 3 years ago - Stars: 19 - Forks: 4

bruce30262/TWindbg 📦

PEDA-like debugger UI for WinDbg

Language: Python - Size: 494 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 196 - Forks: 46

ispras/qemu Fork of qemu/qemu

Language: C - Size: 328 MB - Last synced at: 11 months ago - Pushed at: over 3 years ago - Stars: 50 - Forks: 13

Deniskore/windbg-workspace

Size: 74.2 KB - Last synced at: about 2 months ago - Pushed at: over 11 years ago - Stars: 25 - Forks: 10

kiyolee/setdbg

Handy utility to set auto start-up debugger

Language: Python - Size: 18.6 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

takubokudori/wdcs

A WinDbg extension to check the security features of the loaded modules with winchecksec

Language: C++ - Size: 17.6 KB - Last synced at: about 1 year ago - Pushed at: about 3 years ago - Stars: 0 - Forks: 0

sufyandaredevil/OSED

Notes taken from the official Offensive Security Exploit Development course videos and pdf

Language: Python - Size: 11.1 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

DownWithUp/bswap

A Windbg extension for swapping byte endianness.

Language: C - Size: 50.8 KB - Last synced at: about 1 year ago - Pushed at: over 4 years ago - Stars: 2 - Forks: 1

trungnt2910/TcpToPipe

Forwards a named pipe server to a remote TCP server.

Language: C# - Size: 130 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

XORMANCER/x64dbg-theme-for-windbg

A windbg (classic) theme created to match the default dark theme of x64dbg.

Size: 180 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

lordmilko/RebaseExt

Debugger extension for analyzing rebased addresses

Language: C++ - Size: 23.4 KB - Last synced at: 12 months ago - Pushed at: almost 3 years ago - Stars: 2 - Forks: 0

tahadraidia/windbg-arsenal

This repository contains a collection of WinDBG extensions.

Language: C++ - Size: 97.7 KB - Last synced at: 12 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 1

stonedreamforest/Mirage

kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology

Size: 74.2 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 407 - Forks: 105

haibing-wang/cosos Fork of krk/cosos

CoSoS - Cousin of Son of Strike

Size: 438 KB - Last synced at: about 1 year ago - Pushed at: over 9 years ago - Stars: 0 - Forks: 0

micli/netcoredebugging

A repository maintains the book of ".NET Core application debugging" sample code.

Language: C# - Size: 1.5 MB - Last synced at: over 1 year ago - Pushed at: over 6 years ago - Stars: 66 - Forks: 19

seungyongshim/Net-Framework-Leak-WinDbg-Sample

Language: C# - Size: 1.41 MB - Last synced at: 28 days ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0

AndreyBazhan/DbgPkg

Scripts to prepare Windows system for debugging.

Language: Batchfile - Size: 6.84 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 31 - Forks: 8

segevfiner/windbgmon

Monitor Windows OutputDebugString messages

Language: Python - Size: 181 KB - Last synced at: 12 days ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 0

dennisbabkin/CritSectionVsKernelObject

POC project to demonstrate performance difference between a critical section and a synchronization kernel object in Windows.

Language: C++ - Size: 96.7 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

dennisbabkin/TestToolbar01

Test project used in the following blog post: https://dennisbabkin.com/blog/?i=AAA11C00

Language: C++ - Size: 17.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

0cch/0cchext

0CCh Windbg extension: include some useful commands

Language: C - Size: 6.03 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 97 - Forks: 22

sonictk/maya_custom_unhandled_exception_filter_tutorial

A tutorial on writing unhandled exception filters, WinDbg extensions, and how exceptions on Windows work.

Language: C++ - Size: 73.2 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 14 - Forks: 2

hansalemaos/windbg2df

provides a convenient and streamlined approach to analyze Windows processes by converting windbg requests to pandas DataFrames

Language: Python - Size: 40 KB - Last synced at: 24 days ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

vagnerpilar/windbgtree

A command tree based on commands and extensions for Windows Kernel Debugging.

Size: 23.4 KB - Last synced at: almost 2 years ago - Pushed at: almost 5 years ago - Stars: 97 - Forks: 29

JayFoxRox/pykdclient

Cross-platform Python scripts to interface with the Microsoft Kernel Debugger

Language: Python - Size: 29.3 KB - Last synced at: 23 days ago - Pushed at: over 3 years ago - Stars: 10 - Forks: 1

tahadraidia/windbgext

This is a C++ helper class that simplifies creating Windbg extensions by using Dbgeng.h Debugging Engine API capabilities.

Language: C++ - Size: 8.79 KB - Last synced at: 12 months ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

tin-z/narly.js

narly.js - print binary protections with Windbg JS (/SafeSEH, /GS, ASLR, etc.)

Language: JavaScript - Size: 8.79 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 1

imugee/pegasus

reverse engineering extension plugin for windbg

Language: C++ - Size: 49.9 MB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 91 - Forks: 23

stevencohn/Learn.NET

Learn how .NET garbage collection works and how to debug crashes

Language: C# - Size: 3.44 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

Deputation/kernel_payload_comms

A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload on Windows 10 20H2.

Language: C++ - Size: 285 KB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 36 - Forks: 23

kh4sh3i/Malware-Analysis

A curated list of awesome malware analysis tools and resources

Size: 67.4 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 12 - Forks: 3

ashishnegi/windbg_scripts

Common scripts for automating Windbg debugging workflows like coroutines etc;

Language: JavaScript - Size: 15.6 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

pstolarz/asprext 📦

ASProtect reverse engineering & analysis WinDbg extension

Language: C - Size: 25.5 MB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 17 - Forks: 1

pstolarz/scriptext 📦

WinDbg scripting language utilities.

Language: C - Size: 103 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 12 - Forks: 7

Cr4sh/DbgCb 📦

Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications

Language: C++ - Size: 828 KB - Last synced at: about 2 years ago - Pushed at: almost 12 years ago - Stars: 34 - Forks: 18

imugee/xdv

XDV is disassembler or debugger that works based on the extension plugin.

Language: C++ - Size: 98.5 MB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 51 - Forks: 14

progmboy/win32kext

windbg plugin for win32k debugging

Language: C++ - Size: 43.9 KB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 65 - Forks: 27

manison/PdbSourceIndexer

Extensible PDB source indexer

Language: C# - Size: 35.2 KB - Last synced at: almost 2 years ago - Pushed at: almost 4 years ago - Stars: 3 - Forks: 2

wangray/WinDBG-for-GDB-users

"Pwntools does not support Windows. Use a real OS ;)" — Zach Riggle, 2015

Size: 7.81 KB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 69 - Forks: 4

quangnh89/DbgSymGrabber

Just another tool to download specify Symbol (.pdb) files

Language: C++ - Size: 807 KB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 36 - Forks: 11

xquintana/DumpReport

Console application that creates an HTML report from a Windows user-mode dump file, using WinDBG or CDB debuggers. Although it's been mainly designed for crash dump analysis of Windows applications developed in C++, it can also be used to read hang dumps or .Net dumps.

Language: C# - Size: 545 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 38 - Forks: 11

abarbatei/windbg-info

collection of links related to using and improving windbg

Size: 1.95 KB - Last synced at: about 2 years ago - Pushed at: almost 7 years ago - Stars: 17 - Forks: 7

LYingSiMon/voltron Fork of snare/voltron

A hacky debugger UI for hackers

Size: 1.63 MB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 0

LYingSiMon/DbgShell Fork of microsoft/DbgShell

A PowerShell front-end for the Windows debugger engine.

Size: 2.15 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

LYingSiMon/Reverse-Engineering-Arsenal Fork of vallejocc/Reverse-Engineering-Arsenal

Useful Scripts for helping in reverse engineering

Size: 981 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 0 - Forks: 0