René's URL Explorer Experiment


Title: GitHub - adanto/winlow: Concise, hands-on Windows internals, exploitation notes and detection playbooks.


Description: Concise, hands-on Windows internals, exploitation notes and detection playbooks. - adanto/winlow


Opengraph URL: https://github.com/adanto/winlow


Domain: patch-diff.githubusercontent.com


Links:

MIT license https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/LICENSE.txt
https://patch-diff.githubusercontent.com/adanto/winlow#windows-internals--exploitation
https://patch-diff.githubusercontent.com/adanto/winlow#how-to-use-this-repository
https://patch-diff.githubusercontent.com/adanto/winlow#responsible-use--safety
https://patch-diff.githubusercontent.com/adanto/winlow#objectives
https://patch-diff.githubusercontent.com/adanto/winlow#index
https://patch-diff.githubusercontent.com/adanto/winlow#part-1--fundamentals
Introduction https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/01-introduction.md
Processes & Threads https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/02-processes-threads.md
Windows Loader & Image Activation https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/03-loader-image-activation.md
Memory & Virtual Address Space https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/04-memory-vas.md
Object Manager & Handles https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/05-object-manager-handles.md
Syscalls & the NTAPI Boundary https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/06-syscalls-ntapi.md
Scheduling, APCs & Callback Surfaces https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/07-apcs-callbacks.md
IPC (ALPC, RPC, COM, Pipes) https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part1/08-ipc.md
https://patch-diff.githubusercontent.com/adanto/winlow#part-2--exploitation-mitigations
DEP / NX / W^X https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part2/01-dep-nx-wx.md
ASLR / KASLR https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part2/02-aslr-kaslr.md
Compiler & Hardware CFI: CFG, CET (Shadow Stack/IBT) https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part2/03-cfg-cet.md
Trust & Integrity: Secure Boot, WDAC, Code Integrity, PatchGuard, VBS/HVCI, PPL https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part2/04-trust-integrity-stack.md
Compiler & EH Hardening (/GS, SafeSEH/SEHOP, EHCONT) https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part2/05-compiler-eh-hardening.md
https://patch-diff.githubusercontent.com/adanto/winlow#part-3--anti-reversing--evasion
Anti-Debugging https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/01-anti-debugging.md
Anti-Disassembly https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/02-anti-disassembly.md
Sandbox & VM Evasion https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/03-sandbox-vm-evasion.md
Process Injection & Hooking https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/04-injection-hooking.md
AMSI & Script Host Internals https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/05-amsi-script-host.md
Telemetry Tampering & Unhooking (ETW, Direct Syscalls) https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/06-telemetry-tampering.md
Rootkits & Bootkits https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part3/07-rootkits-bootkits.md
https://patch-diff.githubusercontent.com/adanto/winlow#part-4--practical-exploitation
Buffer Overflows https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part4/01-buffer-overflows.md
Use-After-Free & Type Confusion https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part4/02-uaf-type-confusion.md
ROP & JOP https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part4/03-rop-jop.md
Shellcoding https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part4/04-shellcoding.md
Fuzzing & Exploit Development https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part4/05-fuzzing-exploit-dev.md
Kernel Exploitation Primer https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part4/06-kernel-exploitation-primer.md
https://patch-diff.githubusercontent.com/adanto/winlow#part-5--detection--countermeasures
Windows Eventing & ETW Playbook https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part5/01-etw-playbook.md
Telemetry & Hunting https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part5/02-telemetry-hunting.md
EDR & AV Evasion https://patch-diff.githubusercontent.com/adanto/winlow/blob/main/part5/03-edr-av-evasion.md
https://patch-diff.githubusercontent.com/adanto/winlow#core-references
MITRE ATT&CK https://attack.mitre.org/matrices/
Microsoft Docs https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-createprocessa
Sysinternals (Microsoft) https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer
windows https://patch-diff.githubusercontent.com/topics/windows
kernel https://patch-diff.githubusercontent.com/topics/kernel
reverse-engineering https://patch-diff.githubusercontent.com/topics/reverse-engineering
malware-analysis https://patch-diff.githubusercontent.com/topics/malware-analysis
exploitation https://patch-diff.githubusercontent.com/topics/exploitation
security-research https://patch-diff.githubusercontent.com/topics/security-research
edr https://patch-diff.githubusercontent.com/topics/edr
windows-internals https://patch-diff.githubusercontent.com/topics/windows-internals
edr-evasion https://patch-diff.githubusercontent.com/topics/edr-evasion
