驱动开发工程模板及工具包
- src\driver-loader 驱动加载命令行
- src\pe2array PE 文件转字节数组并加密,保存为头文件方便其他工程引用
- https://github.com/eric21/MemPE
- https://github.com/fancycode/MemoryModule
- https://github.com/wyrover/unHooker
- https://github.com/eric21/ssdt.Recover.21yu3
- https://github.com/wessamza/R3R-BASE Ring3 rootkits - Base
- https://github.com/wessamza/DpcCap
- https://github.com/aaaddress1/HellKitty-In-VC Ring3 Rootkit Backdoor.
- https://github.com/aaaddress1/ReflectiveDLLInjection 64 位注入
- https://github.com/aaaddress1/APCInjector-BYPASS-AV
- https://github.com/aaaddress1/Virus-Patten-API-Call
- https://github.com/aaaddress1/Dad-sRoot hook 指定进程 API
- https://github.com/aaaddress1/WinHTTP-Request-Hijacking-In-CSharp
- https://github.com/aaaddress1/Dev-C-Homework/tree/master/Attack-KMPlayer_1440
- https://github.com/aaaddress1/QACInjector-In-CBuilder
- https://github.com/aaaddress1/HTTPs-WebClient-In-CBuilder
- https://github.com/s18leoare/Hackshield-Driver-Bypass
- https://github.com/redcodes/GameHack
- https://github.com/redcodes/DevToolkit
- https://github.com/redcodes/gh0st
- https://github.com/sincoder/A-Protect
- https://github.com/sincoder/hidedir 使用SSDT HOOK 在windows上隐藏指定文件或者文件夹
- https://github.com/awendemo/SSDT-Hook
- https://github.com/martinb3/windows_driver_model_tutorial 教程
- https://github.com/Joshf2k/RegistryMonitor
- https://github.com/wyrover/HKkernelDbg
- https://github.com/hfiref0x/DSEFix Windows x64 Driver Signature Enforcement Overrider
- https://github.com/hfiref0x/WinObjEx64
- https://github.com/hfiref0x/TDL Driver loader for bypassing Windows x64 Driver Signature Enforcement
- https://github.com/hfiref0x/ZeroAccess
- https://github.com/hfiref0x/VBoxHardenedLoader
- https://github.com/hfiref0x/LightFTP
- https://github.com/hfiref0x/CVE-2015-1701
- https://github.com/nikkov/Win-Widget
- https://github.com/daynix/UsbDk
- https://github.com/daynix/kvm-guest-drivers-windows 驱动编程批处理
- https://github.com/Nextzero/WindowsDriver 教程
- https://github.com/guidoreina/classes
- https://github.com/guidoreina/password_generator
- https://github.com/guidoreina/bplus-tree B+ 树
- https://github.com/uri247/wdk81
- https://github.com/gpoulios/ROPInjector shellcode
- https://github.com/wyrover/rootkit.com
- https://github.com/b3mb4m/shellsploit-framework shellcode
- https://github.com/ambray/Ntfs
- https://github.com/strozfriedberg/ntfs-linker
- https://github.com/tfairane/ReverseEngineering
- https://github.com/tfairane/DKOM
- https://github.com/tfairane/DetourAPIMonitor
- https://github.com/ThomasThelen/AntiDebugging
- https://github.com/scalys7/Vulnerable-Driver
- https://github.com/ThomasThelen/DumpHeapMemory
- https://github.com/scalys7/Privilege-Escalation-Framework/tree/master/Privilege%20Escalation%20Framework
- https://github.com/scalys7/Windows-Kernel-Research
- https://github.com/scalys7/Postion-Indipendent-Code-Framework
- https://github.com/hfiref0x/ZeroAccess rootkit
- https://github.com/XiphosResearch/exploits
- https://github.com/MalwareTech/CreateDesktop
- https://github.com/MalwareTech/AppContainerSandbox
- https://github.com/MalwareTech/FstHook
- https://github.com/MalwareTech/BasicHook
- https://github.com/MalwareTech/ZombifyProcess
- https://github.com/MalwareTech/UACElevator
- https://github.com/mieleke/Win64-Rovnix-VBR-Bootkit
- https://github.com/edix/LoadDll
- https://github.com/edix/MalwareResourceScanner
- https://github.com/edix/HiddenProcessDetection
- https://github.com/benlinxy/CodeInjection
- https://github.com/JonDoNym/peinjector
- https://github.com/benlinxy/DllInjection_CreateRemoteThread
- https://github.com/benlinxy/DllInjection_SetWindowsHookEx
- https://github.com/tandasat/RemoteWriteMonitor
- https://github.com/SekoiaLab/pe-tools
wdk 提供了驱动安装工具,有三种