CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
Updated Sep 5, 2020 - C
The history of Windows Internals via symbols.
Basic Windows Kernel Programming
WNF Utilities 4 Newbies (WNFUN)
Modern C++ wrapper for Windows PE signature verification mechanism
A ProcMon-esque tool for monitoring Windows Kernel Drivers
Practical Reverse Engineering Exercises
This is a dumping zone for random things which I tend to forget or stumble upon doing some stuff. Stuff related to Windows internals, debugging, security and computers.
Implementation of the Process Hollowing technique for process injection (This is the second of three methods in the series)
Implementation of the Process Injection technique for DLL file injection
Implementation of the Process Hollowing technique for process injection (This is the third of three methods in the series)
Implementation of the Process Hollowing technique for process injection (This is the first of three methods in the series)
KNSoft.NDK provides native C/C++ definitions and import libraries for Windows NT and some specifications.