Skip to content
/ IOCTL-Explorer Public

Java && Ghidrathon script to automatically find all IOCTL codes and their corresponding Windows API calls

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rtlcopymemory/IOCTL-Explorer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ioctl_explorer.java
ioctl_explorer.java
 
 
ioctl_explorer.py
ioctl_explorer.py
 
 

Repository files navigation

IOCTL-Explorer

This script was made and tested using Ghidrathon

How to install - Java Version

  • Drop the .java fle inside your $USER_HOME/ghidra_scripts folder
  • Reload Scripts
  • Script manager > Windows > ioctl_explorer.java

How to install - Ghidrathon Version

  • Just drop the .py file inside of your $USER_HOME/ghidra_scripts folder and reload your scripts
  • It will be in the Script Manager, under Python3

How to use

  • Select anywhere inside of the IRP_MJ_DEVICE_CONTROL handle function
  • Run the script

About

Java && Ghidrathon script to automatically find all IOCTL codes and their corresponding Windows API calls

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages