windows-internals topics

WindowsInternals

204

Stars

26

Forks

Watchers

Yet another windows internals repo

vxcute

reverse-engineering

windows-internals

pipe-intercept

158

Stars

17

Forks

Watchers

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools

gabriel-sztejnworcel

interception-tools

mitm

named-pipes

windows-internals

TangledWinExec

852

Stars

133

Forks

Watchers

PoCs and tools for investigation of Windows process execution techniques

daem0nc0re

red-team

reverse-engineering

windows

windows-internals

wnfun

87

Stars

16

Forks

Watchers

WNF Utilities 4 Newbies (WNFUN)

ionescu007

internals

kernel

reverse-engineering

reversing

NtTools

102

Stars

21

Forks

Watchers

Some random system tools for Windows

diversenok

ntapi

system

winapi

windows

Dreadnought

53

Stars

21

Forks

Watchers

PoC for detecting and dumping code injection (built and extended on UnRunPE)

NtRaiseHardError

code-injection

dll-injection

dll-injection-detection

hooking

ALPC-Example

84

Stars

28

Forks

Watchers

An example of a client and server using Windows' ALPC functions to send and receive data.

DownWithUp

alpc

example-code

lpc

windows-10

conference_talks

35

Stars

9

Forks

Watchers

Slides from various conference talks

yardenshafir

conference-talk

edr

exploitation

mitigation

DpcWait

43

Stars

28

Forks

Watchers

Driver demonstrating how to register a DPC to asynchronously wait on an object

yardenshafir

debugging

dpc

wait

windows

ProcessInfo

23

Stars

11

Forks

Watchers

A class to gather information about a process, its threads and modules.

Broihon

pe-loader

reverse-engineering

windows-internals