MSFT_DriverBlockList : Mapping Microsoft’s Default Driver Block Lists Across OS Builds

The “MSFT_DriverBlockList” serves as a central repository for the default Microsoft Driver Block Lists, tailored for specific OS builds. It’s important to note the distinction between these default lists and the Microsoft recommended driver block lists, which offer guidance on broader driver management strategies. This article provides a concise overview of the available block lists …

Harden Windows Security – Elevate Your Protection With Microsoft’s Official Toolkit

Windows by default is secure and safe, this repository does not imply nor claim otherwise. Just like anything, you have to use it wisely and don’t compromise yourself with reckless behavior and bad user configuration; Nothing is foolproof. This repository only uses the tools and features that have already been implemented by Microsoft in Windows …

Powershell Digital Forensics And Incident Response (DFIR) – Essential Scripts For Windows Cyber Defense

Powershell Digital Forensics & Incident Response (DFIR) equips cybersecurity professionals with a suite of PowerShell scripts tailored for effective incident handling on Windows devices. From collecting forensic artifacts to analyzing security events, these tools streamline the process of identifying, understanding, and mitigating cyber threats, ensuring a robust defense mechanism in the digital landscape. This repository …

msdocviewer – Streamlining Win32 API And Driver Documentation Viewing – A Comprehensive Guide

msdocviewer is a simple tool for viewing Microsoft’s win32 API and driver technical documentation. msdocviewer consists of two parts. The first is a parser (run_me_first.py) that searches for all markdown files in the Microsoft sdk-api and driver repository, it then checks if the document is related to a function and if so, it copies the document to a directory and then …

BackupCreds – Mastering Credential Dumping In Windows

BackupCreds presents a groundbreaking method for security professionals to exploit SeTrustedCredmanAccessPrivilege, enabling the dumping of stored credentials in Windows environments. This article delves into the intricate process of leveraging elevated shells for credential extraction, offering a step-by-step guide on accessing and manipulating the Windows Credential Manager. Discover how BackupCreds transforms security testing and vulnerability assessments …

WinFiHack : Unlocking Wireless Networks – A DIY Guide To WiFi Brute Forcing On Windows

WinFiHack is a recreational attempt by me to rewrite my previous project Brute-Hacking-Framework’s main wifi hacking script that uses netsh and native Windows scripts to create a wifi bruteforcer. This is in no way a fast script nor a superior way of doing the same hack but it needs no external libraries and just Python and python …

Windows – Seamless Integration And Management

Explore the innovative approach to running Windows inside a Docker container, offering a streamlined and flexible solution for developers and IT professionals. This guide provides an in-depth look at setting up Windows environments using Docker, from automatic ISO downloads and KVM acceleration to web-based management. Whether you’re looking to create a Windows 11 machine or …

LdrLibraryEx – A Lightweight x64 Library For Loading DLLs Into Memory

A small x64 library to load dll’s into memory. n the world of software development, efficient DLL loading is a crucial aspect of optimizing performance and functionality. Enter “LdrLibraryEx,” a powerful x64 library designed to streamline the process of loading DLLs into memory. This lightweight and versatile tool offers developers a range of features, from …

Priv2Admin : Exploitation Paths Allowing You To (Mis)Use The Windows Privileges

Priv2Admin idea is to “translate” Windows OS privileges to a path leading to: administrator, integrity and/or confidentiality threat, availability threat, just a mess. Privileges are listed and explained at: https://docs.microsoft.com/en-us/windows/win32/secauthz/privilege-constants If the goal can be achieved multiple ways, the priority is Using built-in commands Using PowerShell (only if a working script exists) Using non-OS tools Using …

Debotnet : Tool For Controlling Windows 10’s Privacy-Related Settings

Debotnet is a free and portable tool for controlling Windows 10’s many privacy-related settings and keep your personal data private. Your preparation for the Net! The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up a new computer or …