Basic windows process protection written in Go, using the NtSetInformationProcess API
-
Updated
May 2, 2017 - Go
Basic windows process protection written in Go, using the NtSetInformationProcess API
Some stuff for dealing with Windows processes
Debugger checks in 3 ways
Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
Windows 10 PE image loader (LDR) NTDLL component toolbox
Bypass for CS:GO's LoadLibrary injection prevention mechanism, achieved by patching one byte of game memory.
Dump syscall numbers from ntdll.dll
woftool is a proof-of-concept utility for creating WOF-compressed files
Using Undocumented NTDLL Functions to Read/Write/Delete File
Collection of shellcode injection and execution techniques
The history of Windows Internals via symbols.
Windows 11 Syscall table. Ready to use in direct syscall. Actively maintained.
manual mapping injector
A shellcode runner / injector / hollower in Go, for windows
Add a description, image, and links to the ntdll topic page so that developers can more easily learn about it.
To associate your repository with the ntdll topic, visit your repo's landing page and select "manage topics."