Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: windows-kernel
HyperDbg/HyperDbg
State-of-the-art native debugging tool
Language: C - Size: 31.4 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 2,630 - Forks: 355
tandasat/HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Language: C++ - Size: 7.62 MB - Last synced: 12 days ago - Pushed: 6 months ago - Stars: 1,461 - Forks: 402
KelvinMsft/kHypervisor
kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x
Language: C++ - Size: 16.2 MB - Last synced: 10 days ago - Pushed: over 2 years ago - Stars: 373 - Forks: 128
0dayResearchLab/msFuzz
Targeting Windows Kernel Driver Fuzzer
Language: Makefile - Size: 1.2 MB - Last synced: 27 days ago - Pushed: 4 months ago - Stars: 107 - Forks: 17
therealdreg/Win.Cerdalux
WinXPSP2.Cermalus on steroids, supporting all 32-bit Windows versions. Windows Kernel Virus stuff for noobs
Language: Assembly - Size: 23.1 MB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 15 - Forks: 0
daem0nc0re/AtomicSyscall
Tools and PoCs for Windows syscall investigation.
Language: C# - Size: 1.54 MB - Last synced: 24 days ago - Pushed: about 1 month ago - Stars: 345 - Forks: 49
can1357/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
Language: C++ - Size: 30.3 KB - Last synced: 29 days ago - Pushed: 3 months ago - Stars: 479 - Forks: 63
daem0nc0re/SharpWnfSuite
C# Utilities for Windows Notification Facility
Language: C# - Size: 1.59 MB - Last synced: 24 days ago - Pushed: about 1 month ago - Stars: 123 - Forks: 25
therealdreg/masm32-kernel-programming
masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
Language: Assembly - Size: 13.2 MB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 110 - Forks: 12
daem0nc0re/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
Language: C# - Size: 4.04 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 674 - Forks: 104
jxy-s/stlkrn
C++ STL in the Windows Kernel with C++ Exception Support
Language: C++ - Size: 221 KB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 374 - Forks: 82
backengineering/VDM 📦
Library to manipulate drivers that expose a physical memory read/write primitive.
Language: C++ - Size: 529 KB - Last synced: about 1 month ago - Pushed: 9 months ago - Stars: 13 - Forks: 5
MiroKaku/ucxxrt
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
Language: C++ - Size: 6.77 MB - Last synced: about 2 months ago - Pushed: 4 months ago - Stars: 371 - Forks: 94
winfsp/winfsp
Windows File System Proxy - FUSE for Windows
Language: C - Size: 15 MB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 6,530 - Forks: 477
SoftSec-KAIST/NTFuzz
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
Language: F# - Size: 7.92 MB - Last synced: about 1 month ago - Pushed: over 2 years ago - Stars: 86 - Forks: 22
rabbitstack/fibratus
A modern tool for Windows kernel exploration and tracing with a focus on security
Language: Go - Size: 13.8 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 2,070 - Forks: 181
therealdreg/WinXPSP2.Cermalus
Malware WinXPSP2.Cermalus Windows Kernel Virus
Language: Assembly - Size: 205 MB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 14 - Forks: 10
IDouble/Kernel-Memory-Reading-Writing
🔍 Code to read / write the Process Memory from the Kernel 🔧
Language: C - Size: 678 KB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 43 - Forks: 8
0vercl0k/sic
Enumerate user mode shared memory mappings on Windows.
Language: C - Size: 696 KB - Last synced: 10 days ago - Pushed: over 3 years ago - Stars: 112 - Forks: 22
therealdreg/dregate
call gates as stable communication channel for NT x86 and Linux x86_64
Language: C++ - Size: 33.3 MB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 27 - Forks: 5
tandasat/SimpleSvm
A minimalistic educational hypervisor for Windows on AMD processors.
Language: C++ - Size: 52.7 KB - Last synced: 3 months ago - Pushed: 6 months ago - Stars: 256 - Forks: 58
Arteiii/simpleWinDriver
example driver for my notes
Language: C++ - Size: 22.5 KB - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 0 - Forks: 0
therealdreg/ringstepper
windbg plugin easy-step from user code to kernel code
Language: C - Size: 272 KB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 5 - Forks: 4
winfsp/winspd
Windows Storage Proxy Driver - User mode disk storage
Language: C - Size: 2.14 MB - Last synced: 3 months ago - Pushed: almost 3 years ago - Stars: 408 - Forks: 55
Anonym0usWork1221/android-memorytool
Android Memory Tools written in Python for reading and writing process RAM data on Android, Linux and Windows.
Language: Python - Size: 308 KB - Last synced: 21 days ago - Pushed: 7 months ago - Stars: 50 - Forks: 10
radkum/windows-kernel-rs
Windows kernel development in Rust is not widely used yet. Therefore, here is a simple example of a driver and minifilter written in Rust. Also, I've written some helpful crates. Enjoy!
Language: Rust - Size: 109 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 3 - Forks: 1
DownWithUp/WinPools
WinPools is an example of how Windows kernel big pool addresses can be leaked using NtQuerySystemInformation
Language: C - Size: 3.91 KB - Last synced: 4 months ago - Pushed: almost 5 years ago - Stars: 9 - Forks: 1
RIscRIpt/ntl 📦
Very tiny and selective implementation of STL for Windows NT kernel mode drivers
Language: C++ - Size: 43 KB - Last synced: 4 months ago - Pushed: almost 3 years ago - Stars: 17 - Forks: 10
SubconsciousCompute/fsfilter-rs
Experimental: A rust library to monitor filesystem 🪛 and more in windows
Language: C++ - Size: 6.36 MB - Last synced: 4 months ago - Pushed: about 1 year ago - Stars: 32 - Forks: 7
platforminfo/platforminfo
System info made easy - Python library to find system info on your computer. Requires python ≥ 3.7
Language: Python - Size: 151 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 3 - Forks: 0
therealdreg/cagrackme
short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-)
Language: Batchfile - Size: 129 KB - Last synced: 29 days ago - Pushed: 10 months ago - Stars: 23 - Forks: 0
vitoplantamura/BugChecker
SoftICE-like kernel debugger for Windows 11
Language: C - Size: 31 MB - Last synced: 7 months ago - Pushed: 11 months ago - Stars: 852 - Forks: 122
VoidSec/DriverBuddyReloaded
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
Language: Python - Size: 239 KB - Last synced: 7 months ago - Pushed: about 1 year ago - Stars: 250 - Forks: 43
tandasat/SimpleSvmHook
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
Language: C++ - Size: 438 KB - Last synced: 7 months ago - Pushed: over 3 years ago - Stars: 298 - Forks: 65
amiryeshurun/HyperWin-Communication-Driver
A driver that supports communication between a Windows guest and HyperWin
Language: C - Size: 36.1 KB - Last synced: 7 months ago - Pushed: over 3 years ago - Stars: 14 - Forks: 13
amiryeshurun/HyperWin
A native hypervisor designed for the Windows operating system
Language: C - Size: 2.57 MB - Last synced: 7 months ago - Pushed: about 3 years ago - Stars: 114 - Forks: 35
ntoskrnl7/crtsys
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
Language: C++ - Size: 937 KB - Last synced: 7 months ago - Pushed: almost 2 years ago - Stars: 162 - Forks: 32
Maximly/vsys
Kernel modules in C++ with CMake: cross-platform system level development library for Linux/Windows/MacOS
Language: C++ - Size: 292 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 1 - Forks: 0
dennisbabkin/CritSectionVsKernelObject
POC project to demonstrate performance difference between a critical section and a synchronization kernel object in Windows.
Language: C++ - Size: 96.7 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 0 - Forks: 0
0xcpu/exthost
A POC for Windows Extension Host hooking
Language: C - Size: 4.88 KB - Last synced: 9 months ago - Pushed: almost 5 years ago - Stars: 22 - Forks: 11
vitoplantamura/BugChecker2002 📦
SoftICE-like debugger for Windows 2000 and XP. Archived.
Language: C - Size: 400 KB - Last synced: 11 months ago - Pushed: over 1 year ago - Stars: 8 - Forks: 8
karthik558/WSL2-Linux-Kernel Fork of microsoft/WSL2-Linux-Kernel
This is the source code for the Linux kernel that runs in Windows Subsystem for Linux 2 (WSL2).
Language: C - Size: 1.6 GB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 6 - Forks: 0
belazr/LumbrJack
LumbrJack is a very basic kernel mode logger for 64 bit Windows.
Language: C - Size: 53.7 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
rafael-santiago/kryptos
A multiplatform easy to embed crypto library.
Language: C - Size: 2.18 MB - Last synced: 9 months ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
KiFilterFiberContext/windows-software-policy
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
Language: C - Size: 117 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 45 - Forks: 1
loneicewolf/windows-rootkits
My own 'collection' of windows rootkits.
Size: 10.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
loneicewolf/smbdoor Fork of ExpLife0011/smbdoor
improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
Language: C - Size: 6.92 MB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 46 - Forks: 5
WizardVan/Walker
Lot of Walkers under Windows.
Language: C - Size: 8.79 KB - Last synced: over 1 year ago - Pushed: over 8 years ago - Stars: 3 - Forks: 2
WizardVan/KernelHandlerReader
A kernel handler reader that can read kernel handlers from other processes
Language: C - Size: 1000 Bytes - Last synced: over 1 year ago - Pushed: over 8 years ago - Stars: 2 - Forks: 0
Deputation/kernel_payload_comms
A proof of concept demonstrating communication via mapped shared memory structures between a user-mode process and a kernel-mode payload on Windows 10 20H2.
Language: C++ - Size: 285 KB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 36 - Forks: 23
SHA-MRIZ/DisplayMiniportHooking
Language: C++ - Size: 25.4 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 39 - Forks: 17
Exploitables/ExFreePool-Vulnerability
My research into taking advantage of ExFreePool primitives.
Language: C - Size: 537 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 6 - Forks: 2
danielkrupinski/KernelProcessList
Example Windows Kernel-mode Driver which enumerates running processes.
Language: C - Size: 12.7 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 31 - Forks: 19
ElliotAlderson51/Kernel-Rootkit-32Bit
Rootkit for Windows 32-bit
Language: C++ - Size: 5.86 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 4 - Forks: 1
SilverTuxedo/keval
Call arbitrary Windows kernel-mode functions from Python on another machine
Language: Python - Size: 194 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 42 - Forks: 5
yardenshafir/DpcWait
Driver demonstrating how to register a DPC to asynchronously wait on an object
Language: C++ - Size: 14.6 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 40 - Forks: 24
daem0nc0re/HEVD-CSharpKernelPwn
CSharp Writeups for HackSys Extreme Vulnerable Driver
Language: C# - Size: 48.8 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 41 - Forks: 17
luzhlon/winapi-kmd-rs Fork of pravic/winapi-kmd-rs
Windows Kernel-Mode Drivers written in Rust
Language: Rust - Size: 886 KB - Last synced: about 1 year ago - Pushed: over 6 years ago - Stars: 2 - Forks: 0
InoxicoDev/ELK.Spike
This repository is purposed for learning and setting up a POC of hosting the Elastic Stack on a Windows kernel using Docker. Very useful to host on a Windows server without Hyper-V support for Linux containers.
Language: PowerShell - Size: 57.6 KB - Last synced: about 1 year ago - Pushed: about 5 years ago - Stars: 1 - Forks: 0