Windows Kernel Explorer 是专有软件,且作者在分发软件时启用了 VMProtect 保护,如果想寻找开源替代,请参考:
- System Informer: https://github.com/winsiderss/systeminformer
- WinObjEx64: https://github.com/hfiref0x/WinObjEx64
- Kernel-Bridge Framework: https://github.com/HoShiMin/Kernel-Bridge
- Syscall Tables: https://github.com/hfiref0x/SyscallTables
- Total Registry: https://github.com/zodiacon/TotalRegistry
- x64-WindowsKernelExplorer.exe: https://www.virustotal.com/gui/file/a84e6482ef364b3903f7d57f3159485ca390b9613489ac539c5e6e145c589cbc
- x64-WindowsKernelExplorer.sys(IDA9.2-DB: https://github.com/abcd-reverse-engineering/wke-ida-db/releases/download/v20251214-01/WindowsKernelExplorer.sys.i64): https://www.virustotal.com/gui/file/22056bbc956d812717172619bb56ea6fb3878b915916b3a9ed24acde06e186c5
- x64-WKE64.exe: https://www.virustotal.com/gui/file/30d5b00ce1b4ff7ec5097a22d15f0d53a935eb8d1c4a0b0584f689f0b825d2f8