Search found 4 matches

by AxtMueller
Mon Jan 28, 2019 1:47 am
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 1
Views: 2005

Re: A free but powerful Windows kernel research tool: Windows Kernel Explorer

I released a new version of it today. Download latest version in "binaries" directory.
by AxtMueller
Thu Jan 17, 2019 7:36 pm
Forum: Kernel-Mode Development
Topic: Read Unknown Kernel Address In A Safe Way
Replies: 2
Views: 1335

Re: Read Unknown Kernel Address In A Safe Way

These methods as well as many others have been shared on this forum for some time now but for those less informed your examples may be informative, so thanks for this. As of 8.1 MmCopyMemory() is imho the best choice because it was designed to do exactly this and performs the underlying PTE validat...
by AxtMueller
Mon Dec 31, 2018 3:44 pm
Forum: Kernel-Mode Development
Topic: Read Unknown Kernel Address In A Safe Way
Replies: 2
Views: 1335

Read Unknown Kernel Address In A Safe Way

Author: Axt Müller If you are engaged in Windows driver development for many years, I guess you have a nightmare: how to read an unknown address in an absolutely safe way. We all know that, it is useless to test the validity of the address by MmIsAddressValid, even if this function return TRUE, the...
by AxtMueller
Mon Dec 31, 2018 7:14 am
Forum: Tools/Software
Topic: A free but powerful Windows kernel research tool: Windows Kernel Explorer
Replies: 1
Views: 2005

A free but powerful Windows kernel research tool: Windows Kernel Explorer

Project URL on GitHub: https://github.com/AxtMueller/Windows-Kernel-Explorer Introduction Windows Kernel Explorer (you can simply call it as "WKE") is a free but powerful Windows kernel research tool. It supports from Windows XP to Windows 10, 32-bit and 64-bit. Compare to popular tools (such as WI...