1. Symlinkcallback
A driver that hooks C: volume using symbolic link callback to track all FS access to the volume
✭ 77
2. Kerneldatastructurefinder
Driver and WinDBG scripts to dump information about all resources and lookaside lists
✭ 48
3. Dpcwait
Driver demonstrating how to register a DPC to asynchronously wait on an object
4. cet-research
A collection of tools, source code, and papers researching Windows' implementation of CET.
✭ 32
c5. WinDbg Scripts
Useful scripts for WinDbg using the debugger data model
6. MitigationFlagsCliTool
Command like tool to print mitigation flags for running processes in a memory dump
✭ 31
C++7. IoRing Demos
A repository for I/O ring demos, use cases and performance testing on Windows
1-7 of 7 user projects