PoCs and tools for investigation of Windows process execution techniques
Updated Apr 26, 2024 - C#
Kernel mode WinDbg extension and PoCs for token privilege investigation.
PEDA-like debugger UI for WinDbg
This repository contains a collection of WinDBG extensions.
windbg plugin easy-step from user code to kernel code
javascript extension of windbg for hacker.
This is a C++ helper class that simplifies creating Windbg extensions by using Dbgeng.h Debugging Engine API capabilities.
WinDbg extension for data mining the managed heap. It also includes commands to list HTTP requests, WCF services, and WIF tokens, among others.
Small PoC of using a Microsoft signed executable as a lolbin.
C# debugging automation tool
Debugger extension for analyzing rebased addresses
A WinDbg extension to check the security features of the loaded modules with winchecksec
Host of debugging-related extensions such as post-mortem tools or WinDBG extensions
WinDbg extension that allows you to analyze the Control Flow Guard map
Managed WinDbg extension for .NET framework
Source code for advanced .NET Debugging.
ASProtect reverse engineering & analysis WinDbg extension
WinDBG Anti-RootKit Extension
A command tree based on commands and extensions for Windows Kernel Debugging.