SSDTFinder

During the course of windows internal, I wonder how we can do a live response on the kernel level. I start with a small trick to print the SSDT functions, the code have been modified and collected from different resources. I don't remember them, but thanks for all open source communities :) the code based on MemProcFS ; https://github.com/ufrisk/MemProcFS

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
.vs/SSDTFinder/v15		.vs/SSDTFinder/v15
Debug		Debug
x64		x64
NtdllFuncs.cpp		NtdllFuncs.cpp
NtdllFuncs.h		NtdllFuncs.h
README.md		README.md
SSDTFinder.sln		SSDTFinder.sln
SSDTFinder.vcxproj		SSDTFinder.vcxproj
SSDTFinder.vcxproj.filters		SSDTFinder.vcxproj.filters
SSDTFinder.vcxproj.user		SSDTFinder.vcxproj.user
Source.cpp		Source.cpp
leechcore.dll		leechcore.dll
leechcore.h		leechcore.h
leechcore.lib		leechcore.lib
vmm.dll		vmm.dll
vmm.lib		vmm.lib
vmmdll.h		vmmdll.h
winpmem_64.sys		winpmem_64.sys

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

SSDTFinder

About

Releases

Packages

Languages

H4Security/SSDTFinder

Folders and files

Latest commit

History

Repository files navigation

SSDTFinder

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages