├── CreatemVmcallHandlersTable2016.py ├── CreatemVmcallHandlersTable2019.py ├── CreatemVmcallHandlersTable20H1.py ├── Hyper-V-debugging. 2nd-edition ├── 1_PatchHvLoader2019.py ├── 2_RestoreHvLoader2019.py ├── 3_PatchHvix64_2019.py ├── 4_RebaseHVGdb2019.py ├── 5_RestoreHvix64_2019.py └── decypher_kdnet_key.py ├── ParseAfdEndpointListHead.py ├── ParseAfdTlTransportListHead.py ├── ParseIDT.py ├── ParsePrtnStructure.js ├── ParsePrtnStructure.py ├── README.md ├── RebaseHVGdb.py ├── Spider_Stone ├── README.md ├── Spider-Stone.ps1 ├── WCPExtractor.psm1 └── images │ ├── image001.png │ └── image002.png ├── display-vmcs.py ├── extract_hvcalls ├── Readme.md ├── extract_hvcalls.py ├── hvcalls_merge.py ├── image01.png ├── requirements.txt └── start.ps1 ├── extract_hvcalls_gui ├── extract_hvcalls.py ├── hvcall_extract.Export.ps1 ├── hvcalls_merge.py ├── idahunt │ ├── .gitignore │ ├── README.md │ ├── filelock.py │ ├── filters │ │ ├── __init__.py │ │ ├── ciscoasa.py │ │ ├── default.py │ │ ├── hpilo.py │ │ └── names.py │ ├── ida_helper.py │ ├── idahunt.py │ ├── img │ │ └── banner.png │ └── script_template.py └── python_modules.txt ├── hyperv-dbg-2012r2.ps1 ├── hyperv-dbg-2019.ps1 ├── ida75 ├── 1_ida75_PatchHvLoader2019.py ├── 2_ida75_RestoreHvLoader2019.py ├── 3_ida75_PatchHvix64_2019.py ├── 4_ida75_RebaseHVGdb2019.py ├── 5_ida75_RestoreHvix64_2019.py ├── ida75_CreatemVmcallHandlersTable2019.py ├── ida75_CreatemVmcallHandlersTable20H1.py ├── ida75_CreatemVmcallHandlersTable21H1.py ├── ida75_CreatemVmcallHandlersTableWin11Preview.py ├── ida75_ParseIDT.py └── ida75_display-vmcs.py ├── images ├── image001.png └── image002.png └── securekernel_info_pykd.py /CreatemVmcallHandlersTable2016.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/CreatemVmcallHandlersTable2016.py -------------------------------------------------------------------------------- /CreatemVmcallHandlersTable2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/CreatemVmcallHandlersTable2019.py -------------------------------------------------------------------------------- /CreatemVmcallHandlersTable20H1.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/CreatemVmcallHandlersTable20H1.py -------------------------------------------------------------------------------- /Hyper-V-debugging. 2nd-edition/1_PatchHvLoader2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Hyper-V-debugging. 2nd-edition/1_PatchHvLoader2019.py -------------------------------------------------------------------------------- /Hyper-V-debugging. 2nd-edition/2_RestoreHvLoader2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Hyper-V-debugging. 2nd-edition/2_RestoreHvLoader2019.py -------------------------------------------------------------------------------- /Hyper-V-debugging. 2nd-edition/3_PatchHvix64_2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Hyper-V-debugging. 2nd-edition/3_PatchHvix64_2019.py -------------------------------------------------------------------------------- /Hyper-V-debugging. 2nd-edition/4_RebaseHVGdb2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Hyper-V-debugging. 2nd-edition/4_RebaseHVGdb2019.py -------------------------------------------------------------------------------- /Hyper-V-debugging. 2nd-edition/5_RestoreHvix64_2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Hyper-V-debugging. 2nd-edition/5_RestoreHvix64_2019.py -------------------------------------------------------------------------------- /Hyper-V-debugging. 2nd-edition/decypher_kdnet_key.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Hyper-V-debugging. 2nd-edition/decypher_kdnet_key.py -------------------------------------------------------------------------------- /ParseAfdEndpointListHead.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ParseAfdEndpointListHead.py -------------------------------------------------------------------------------- /ParseAfdTlTransportListHead.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ParseAfdTlTransportListHead.py -------------------------------------------------------------------------------- /ParseIDT.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ParseIDT.py -------------------------------------------------------------------------------- /ParsePrtnStructure.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ParsePrtnStructure.js -------------------------------------------------------------------------------- /ParsePrtnStructure.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ParsePrtnStructure.py -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/README.md -------------------------------------------------------------------------------- /RebaseHVGdb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/RebaseHVGdb.py -------------------------------------------------------------------------------- /Spider_Stone/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Spider_Stone/README.md -------------------------------------------------------------------------------- /Spider_Stone/Spider-Stone.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Spider_Stone/Spider-Stone.ps1 -------------------------------------------------------------------------------- /Spider_Stone/WCPExtractor.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Spider_Stone/WCPExtractor.psm1 -------------------------------------------------------------------------------- /Spider_Stone/images/image001.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Spider_Stone/images/image001.png -------------------------------------------------------------------------------- /Spider_Stone/images/image002.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/Spider_Stone/images/image002.png -------------------------------------------------------------------------------- /display-vmcs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/display-vmcs.py -------------------------------------------------------------------------------- /extract_hvcalls/Readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls/Readme.md -------------------------------------------------------------------------------- /extract_hvcalls/extract_hvcalls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls/extract_hvcalls.py -------------------------------------------------------------------------------- /extract_hvcalls/hvcalls_merge.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls/hvcalls_merge.py -------------------------------------------------------------------------------- /extract_hvcalls/image01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls/image01.png -------------------------------------------------------------------------------- /extract_hvcalls/requirements.txt: -------------------------------------------------------------------------------- 1 | sark 2 | pefile -------------------------------------------------------------------------------- /extract_hvcalls/start.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls/start.ps1 -------------------------------------------------------------------------------- /extract_hvcalls_gui/extract_hvcalls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/extract_hvcalls.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/hvcall_extract.Export.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/hvcall_extract.Export.ps1 -------------------------------------------------------------------------------- /extract_hvcalls_gui/hvcalls_merge.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/hvcalls_merge.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/README.md -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/filelock.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/filelock.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/filters/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/filters/ciscoasa.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/filters/ciscoasa.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/filters/default.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/filters/default.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/filters/hpilo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/filters/hpilo.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/filters/names.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/filters/names.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/ida_helper.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/ida_helper.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/idahunt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/idahunt.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/img/banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/img/banner.png -------------------------------------------------------------------------------- /extract_hvcalls_gui/idahunt/script_template.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/idahunt/script_template.py -------------------------------------------------------------------------------- /extract_hvcalls_gui/python_modules.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/extract_hvcalls_gui/python_modules.txt -------------------------------------------------------------------------------- /hyperv-dbg-2012r2.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/hyperv-dbg-2012r2.ps1 -------------------------------------------------------------------------------- /hyperv-dbg-2019.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/hyperv-dbg-2019.ps1 -------------------------------------------------------------------------------- /ida75/1_ida75_PatchHvLoader2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/1_ida75_PatchHvLoader2019.py -------------------------------------------------------------------------------- /ida75/2_ida75_RestoreHvLoader2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/2_ida75_RestoreHvLoader2019.py -------------------------------------------------------------------------------- /ida75/3_ida75_PatchHvix64_2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/3_ida75_PatchHvix64_2019.py -------------------------------------------------------------------------------- /ida75/4_ida75_RebaseHVGdb2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/4_ida75_RebaseHVGdb2019.py -------------------------------------------------------------------------------- /ida75/5_ida75_RestoreHvix64_2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/5_ida75_RestoreHvix64_2019.py -------------------------------------------------------------------------------- /ida75/ida75_CreatemVmcallHandlersTable2019.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/ida75_CreatemVmcallHandlersTable2019.py -------------------------------------------------------------------------------- /ida75/ida75_CreatemVmcallHandlersTable20H1.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/ida75_CreatemVmcallHandlersTable20H1.py -------------------------------------------------------------------------------- /ida75/ida75_CreatemVmcallHandlersTable21H1.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/ida75_CreatemVmcallHandlersTable21H1.py -------------------------------------------------------------------------------- /ida75/ida75_CreatemVmcallHandlersTableWin11Preview.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/ida75_CreatemVmcallHandlersTableWin11Preview.py -------------------------------------------------------------------------------- /ida75/ida75_ParseIDT.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/ida75_ParseIDT.py -------------------------------------------------------------------------------- /ida75/ida75_display-vmcs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/ida75/ida75_display-vmcs.py -------------------------------------------------------------------------------- /images/image001.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/images/image001.png -------------------------------------------------------------------------------- /images/image002.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/images/image002.png -------------------------------------------------------------------------------- /securekernel_info_pykd.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gerhart01/Hyper-V-scripts/HEAD/securekernel_info_pykd.py --------------------------------------------------------------------------------