Search found 9 matches

by AxtMueller
Fri Mar 29, 2019 7:47 am
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 6
Views: 2407

Re: A free but powerful Windows kernel research tool: Windows Kernel Explorer

The software was updated on 2019-03-29. Everyone can download the latest version in the "binary" directory.

by AxtMueller
Tue Mar 26, 2019 12:41 am
Forum: Kernel-Mode Development
Topic: Stealth Hook
Replies: 1
Views: 722

Re: Stealth Hook

Try to use a VEH hook? You can do it in user mode.

by AxtMueller
Tue Mar 26, 2019 12:36 am
Forum: Newbie Questions
Topic: [C] HTTP-Downloader
Replies: 5
Views: 1783

Re: [C] HTTP-Downloader

Using URLDownloadToFile is the best solution; it supports not only HTTP but also HTTPS.

by AxtMueller
Tue Mar 26, 2019 12:23 am
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 6
Views: 2407

Re: A free but powerful Windows kernel research tool: Windows Kernel Explorer

The software was updated on 2019-03-26. Everyone can download the latest version in the "binary" directory.

by AxtMueller
Sun Mar 24, 2019 11:41 pm
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 6
Views: 2407

Re: A free but powerful Windows kernel research tool: Windows Kernel Explorer

The software was updated on 2019-03-25. Everyone can download the latest version in the "binary" directory.

by AxtMueller
Mon Jan 28, 2019 1:47 am
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 6
Views: 2407

Re: A free but powerful Windows kernel research tool: Windows Kernel Explorer

I released a new version of it today. Download the latest version in the "binaries" directory.

by AxtMueller
Thu Jan 17, 2019 7:36 pm
Forum: Kernel-Mode Development
Topic: Read Unknown Kernel Address In A Safe Way
Replies: 2
Views: 1446

Re: Read Unknown Kernel Address In A Safe Way

These methods as well as many others have been shared on this forum for some time now but for those less informed your examples may be informative, so thanks for this. As of 8.1 MmCopyMemory() is imho the best choice because it was designed to do exactly this and performs the underlying PTE validat...

by AxtMueller
Mon Dec 31, 2018 3:44 pm
Forum: Kernel-Mode Development
Topic: Read Unknown Kernel Address In A Safe Way
Replies: 2
Views: 1446

Read Unknown Kernel Address In A Safe Way

Author: Axt Müller If you have been engaged in Windows driver development for many years, I guess you have a nightmare: how to read an unknown address in an absolutely safe way. We all know that it is useless to test the validity of the address with MmIsAddressValid; even if this function returns TRUE, the...

by AxtMueller
Mon Dec 31, 2018 7:14 am
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 6
Views: 2407

A free but powerful Windows kernel research tool: Windows Kernel Explorer

Project URL on GitHub: https://github.com/AxtMueller/Windows-Kernel-Explorer Introduction Windows Kernel Explorer (you can simply call it "WKE") is a free but powerful Windows kernel research tool. It supports Windows XP to Windows 10, 32-bit and 64-bit. Compared to popular tools (such as WI...