Useful Scripts on Windows

• check os architecture
• get windows driver via sign from msdl
• get driver's pdb file from msdl
• parser new struct named dvrt in PE
• file system redirection trick for wow64 process
• disassemble shellcode quickly

ida

• python script to deal with E-language

Detours

• Hook Windows API demo