ntoskrnl topic
Nt-Modules
Collect different versions of crucial modules.
sic
Enumerate user mode shared memory mappings on Windows.
resym
Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
SymStore
The history of Windows Internals via symbols.
NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
windiff
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
ntoskrnl_file_collection
Collect various versions of ntoskrnl files.
zeroimport
ZeroImport is a lightweight and easy-to-use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel driver by importing at runtime.
InstrumentationCallbackToolKit
A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.
CVE-2024-20698
Analysis of the vulnerability