├── .gitattributes ├── .gitignore ├── Documents ├── Hivelist.gif ├── SwishDbgExt.pdf ├── Windbg_Template.WEW └── windbg_template.reg ├── LICENSE ├── README.md ├── SwishDbgExt.sln └── SwishDbgExt ├── Azure.cpp ├── Azure.h ├── CNdiskd ├── CAdapters.cpp ├── CAdapters.h ├── CMinidriver.cpp ├── CMinidriver.h ├── CNdiskd.cpp ├── CNdiskd.h ├── COpenblock.cpp ├── COpenblock.h ├── CProtocols.cpp ├── CProtocols.h ├── CReport.cpp ├── CReport.h ├── utils.cpp └── utils.h ├── Checks ├── Codecave.cpp └── Codecave.h ├── Common.cpp ├── Common.h ├── Credentials.cpp ├── Credentials.h ├── DbgHelpEx.cpp ├── DbgHelpEx.h ├── Drivers.cpp ├── Drivers.h ├── EngExpCppEx.h ├── EngExtCppEx.cpp ├── Lxss.cpp ├── Lxss.h ├── Md5.cpp ├── Md5.h ├── Network.cpp ├── Network.h ├── NtDef.h ├── Objects.cpp ├── Objects.h ├── Output.cpp ├── Output.h ├── Process.cpp ├── Process.h ├── Registry.cpp ├── Registry.h ├── Security.cpp ├── Security.h ├── Storage.cpp ├── Storage.h ├── SwishDbgExt.cpp ├── SwishDbgExt.def ├── SwishDbgExt.h ├── SwishDbgExt.rc ├── SwishDbgExt.vcxproj ├── SwishDbgExt.vcxproj.filters ├── System.cpp ├── System.h ├── UntypedData.cpp ├── UntypedData.h ├── Version.rc ├── Version.txt ├── VirusTotal.cpp ├── VirusTotal.h ├── Yara.cpp ├── Yara.h ├── engextcpp.cpp ├── engextcpp.hpp ├── packages.config ├── resource.h ├── stdafx.cpp ├── stdafx.h └── targetver.h /.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/.gitattributes -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/.gitignore -------------------------------------------------------------------------------- /Documents/Hivelist.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/Documents/Hivelist.gif -------------------------------------------------------------------------------- /Documents/SwishDbgExt.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/Documents/SwishDbgExt.pdf -------------------------------------------------------------------------------- /Documents/Windbg_Template.WEW: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/Documents/Windbg_Template.WEW -------------------------------------------------------------------------------- /Documents/windbg_template.reg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/Documents/windbg_template.reg -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/README.md -------------------------------------------------------------------------------- /SwishDbgExt.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt.sln -------------------------------------------------------------------------------- /SwishDbgExt/Azure.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Azure.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Azure.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Azure.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CAdapters.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CAdapters.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CAdapters.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CAdapters.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CMinidriver.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CMinidriver.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CMinidriver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CMinidriver.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CNdiskd.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CNdiskd.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CNdiskd.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CNdiskd.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/COpenblock.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/COpenblock.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/COpenblock.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/COpenblock.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CProtocols.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CProtocols.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CProtocols.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CProtocols.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CReport.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CReport.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/CReport.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/CReport.h -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/utils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/utils.cpp -------------------------------------------------------------------------------- /SwishDbgExt/CNdiskd/utils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/CNdiskd/utils.h -------------------------------------------------------------------------------- /SwishDbgExt/Checks/Codecave.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Checks/Codecave.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Checks/Codecave.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Checks/Codecave.h -------------------------------------------------------------------------------- /SwishDbgExt/Common.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Common.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Common.h -------------------------------------------------------------------------------- /SwishDbgExt/Credentials.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Credentials.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Credentials.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Credentials.h -------------------------------------------------------------------------------- /SwishDbgExt/DbgHelpEx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/DbgHelpEx.cpp -------------------------------------------------------------------------------- /SwishDbgExt/DbgHelpEx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/DbgHelpEx.h -------------------------------------------------------------------------------- /SwishDbgExt/Drivers.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Drivers.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Drivers.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Drivers.h -------------------------------------------------------------------------------- /SwishDbgExt/EngExpCppEx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/EngExpCppEx.h -------------------------------------------------------------------------------- /SwishDbgExt/EngExtCppEx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/EngExtCppEx.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Lxss.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Lxss.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Lxss.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Lxss.h -------------------------------------------------------------------------------- /SwishDbgExt/Md5.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Md5.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Md5.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Md5.h -------------------------------------------------------------------------------- /SwishDbgExt/Network.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Network.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Network.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Network.h -------------------------------------------------------------------------------- /SwishDbgExt/NtDef.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/NtDef.h -------------------------------------------------------------------------------- /SwishDbgExt/Objects.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Objects.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Objects.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Objects.h -------------------------------------------------------------------------------- /SwishDbgExt/Output.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Output.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Output.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Output.h -------------------------------------------------------------------------------- /SwishDbgExt/Process.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Process.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Process.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Process.h -------------------------------------------------------------------------------- /SwishDbgExt/Registry.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Registry.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Registry.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Registry.h -------------------------------------------------------------------------------- /SwishDbgExt/Security.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Security.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Security.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Security.h -------------------------------------------------------------------------------- /SwishDbgExt/Storage.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Storage.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Storage.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Storage.h -------------------------------------------------------------------------------- /SwishDbgExt/SwishDbgExt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/SwishDbgExt.cpp -------------------------------------------------------------------------------- /SwishDbgExt/SwishDbgExt.def: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/SwishDbgExt.def -------------------------------------------------------------------------------- /SwishDbgExt/SwishDbgExt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/SwishDbgExt.h -------------------------------------------------------------------------------- /SwishDbgExt/SwishDbgExt.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/SwishDbgExt.rc -------------------------------------------------------------------------------- /SwishDbgExt/SwishDbgExt.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/SwishDbgExt.vcxproj -------------------------------------------------------------------------------- /SwishDbgExt/SwishDbgExt.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/SwishDbgExt.vcxproj.filters -------------------------------------------------------------------------------- /SwishDbgExt/System.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/System.cpp -------------------------------------------------------------------------------- /SwishDbgExt/System.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/System.h -------------------------------------------------------------------------------- /SwishDbgExt/UntypedData.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/UntypedData.cpp -------------------------------------------------------------------------------- /SwishDbgExt/UntypedData.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/UntypedData.h -------------------------------------------------------------------------------- /SwishDbgExt/Version.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Version.rc -------------------------------------------------------------------------------- /SwishDbgExt/Version.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Version.txt -------------------------------------------------------------------------------- /SwishDbgExt/VirusTotal.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/VirusTotal.cpp -------------------------------------------------------------------------------- /SwishDbgExt/VirusTotal.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/VirusTotal.h -------------------------------------------------------------------------------- /SwishDbgExt/Yara.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Yara.cpp -------------------------------------------------------------------------------- /SwishDbgExt/Yara.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/Yara.h -------------------------------------------------------------------------------- /SwishDbgExt/engextcpp.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/engextcpp.cpp -------------------------------------------------------------------------------- /SwishDbgExt/engextcpp.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/engextcpp.hpp -------------------------------------------------------------------------------- /SwishDbgExt/packages.config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/packages.config -------------------------------------------------------------------------------- /SwishDbgExt/resource.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/resource.h -------------------------------------------------------------------------------- /SwishDbgExt/stdafx.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/stdafx.cpp -------------------------------------------------------------------------------- /SwishDbgExt/stdafx.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/stdafx.h -------------------------------------------------------------------------------- /SwishDbgExt/targetver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/MagnetForensics/SwishDbgExt/HEAD/SwishDbgExt/targetver.h --------------------------------------------------------------------------------