zodiacon/Win10SysProgBookSamples

Stars
406
Rank 106,421 (Top 3 %)
Language
C++
License
MIT License
Created over 5 years ago
Updated 5 months ago

zodiacon

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Windows 10 System Programming book samples

The book is available here: https://leanpub.com/windows10systemprogramming and on Amazon

WindowsInternals

Windows Internals Book 7th edition Tools

2,359

TotalRegistry

Total Registry - enhanced Registry editor/viewer

C++

1,360

AllTools

All reasonably stable tools

1,138

SystemExplorer

Windows System Explorer

829

windowskernelprogrammingbook

The Windows Kernel Programming book samples

ProcMonXv2

ProcMonX

Extended Process Monitor-like tool based on Event Tracing for Windows

462

EtwExplorer

View ETW Provider manifest

416

PEExplorerV2

Portable Executable Explorer version 2

399

DriverMon

Monitor activity of any driver

326

windowskernelprogrammingbook2e

Samples for the book Windows Kernel Programming, 2nd edition

C++

285

WFPExplorer

Windows Filtering Platform Explorer

C++

201

ObjectExplorer

Explore Kernel Objects on Windows

C++

195

WinSpy

Enhanced version of the classic Spy++ tool

C++

171

QuickAsm

Simple x86/x64 Assembler/Disassembler/Emulator

C++

161

PEExplorer

Portable Executable Explorer

TotalPE2

TotalPE

Yet another PE Viewer

C++

137

sysrun

Run any executable as SYSTEM account (no service required)

PoolMonXv2

rust-course

RunAppContainer

Run executables in an AppContainer

C++

115

CLRExplorer

Explore .NET Processes and Dump files

C++

115

PoolMonX

A GUI version of the classic PoolMon tool

C++

109

WinDbgX

An attempt to create a friendly version of WinDbg

ApiSetView

API Set Viewer

C++

NetworkExplorer

Windows Network Information

C++

GflagsX

Enhanced version of the GFlags tool

PdbView

PdbView shows the contents of PDB files

ALPCLogger

Log ALPC activity

JobExplorer

Explore Job Objects on a Windows system

C++

DllInjectionWithThreadContext

This is a sample that shows how to leverage SetThreadContext for DLL injection

C++

Recon2023

Recon 2023 slides and code

C++

WinSys

C++ library for low-level Windows development

C++

DbgPrint

Debug Print viewer (user and kernel)

C++

ProcExpX

C++

KernelObjectView

View handles and object for each object type

C++

syllabi

PoolMonXv3

Monitor Kernel pool allocations tags

C++

winnativeapibooksamples

Samples from my book Windows Native API programming

C++

VerifierDLL

Example of building an application verifer DLL

C++

WTLHelper

WTL helper library

C++

PerfMonX

PerfMonX is an enhanced Performance Monitor tool

WinEventHooks

SetWinEventHook Sample

C++

DotNetExp

C++

DeviceExplorer

C++

BITSManager

BITS Transfers Manager

DepWalk

CPUStress

InfStudio

INF Studio for easier working with driver installation files

C++

DotNextSP2019

DotNext 2019 St. Petersburg Talk Demos

NativeApps

Demos and presentation from SECArmy Village Grayhat 2020

TotalSystem

View Windows System in action

C++

ObjectBrowser

An alternative tool to Sysinternals WinObj tool (nicer icons!)

C++

ObjMgrProjFS

Projected File System Sample (Object Manager Namespace)

C++

ndcoslo2019

NDC Oslo 2019 slides and demos

C++

ManagedWindows

Managed wrappers around the Windows API and some Native API

DllIconHandler

Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install

C++

PEParser

Portable Executable parsing library, used by PEExplorer. Also available as a nuget package

youtubecode

Youtube channel sample code

C++

Blog

Blog posts

DirectUI

C++

BgInfo

BgInfo is a WPF variant on the Sysinternals BgInfo tool.

DotNextMoscow2019

C++

TaskSched

C++

NtfsStreams

Viewing NTFS alternate streams in files

DebugHelp

.NET wrapper for dbghelp.dll

RegistryExplorer

InterceptionDemo

Sample showing the use of CoGetInterceptor

C++

MetroManager

KObjects

Sample for Creating a new kernel object type and supporting API

C++

HexStudio

Hex Studio is a work in progress Hex viewer and editor.

ObjDir

Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.

C++

MalDevWorkshopWebinar

Demo from the Malware Analysis and Development Webinar

C++

SrvDrv

Services and Drivers control application

WindowTitleEx

WindowTitleEx shows the HWND, thread ID and process in Windows titles. Tray icon to remove these extra is included.

StructuredStorage

C++ wrapper for the Windows structured storage implementation known as Compound Files

C++

AccessMask

C++

ErrorLookup

Simple error lookup for Win32 and NTSTATUS errors

C++

Minimal

C++

winsta

Show Window Stations, Desktops and top level windows

C++

VirtualDiskService

NativePowers

Native Powers Talk demos

C++

Zodiacon.WPF

WPF helper library

WMIExplorer

C++

CalculatorX

An expression calculator

pstools-rust

Rust

DotNext2018

Logo2

C++

objdir-rs

Rust version of the objdir tool

Rust

CoreCpp21Demos

C++

QSlice2

Tribute to the classic QSlice tool

C++

DotNextPieter2021

DotNext 2021 Pieter slides and demos

QSlice

MandelImGui

Simple Mandelbrot set with Dear ImGUI

C++

Timer

Simple timer

C++

MonikerFun

Demonstrating a simple moniker.

C++

SpriteSheet

Simple Sprite Sheet creator

Presentations

public presentation materials

100

AsyncMandelbrotColor

Fun with the Mandelbrot Set

zodiacon/Win10SysProgBookSamples

zodiacon

Reviews

Repository Details

Windows 10 System Programming book samples

More Repositories