Lab project analyzing Hyper-V kernel crash behavior (CVE-2025-21333) using WinDbg and Windows internals.

# CVE-2025-21333 — Educational Reproduction & Analysis
**Status:** Educational lab / learning project (no exploit code).
**Goal:** Reproduce observable crash behavior in a controlled VM, collect crash dumps, and analyze the root cause using WinDbg and static analysis. This repo includes a tiny demo program (for debugging practice), step-by-step lab notes, and a clear analysis template you can fill in.
## What’s in this repo
- `LAB_SETUP.md` — how I set up the lab and safety rules.
- `demo/` — the PoC code and the steps to run it.
- `reports/` — the analysis writeup template and crash-dump notes.
## Quick usage guide
1. Create an offline VM (Windows) and take a snapshot. Follow `LAB_SETUP.md` before you do anything.
2. Build the PoC inside the VM using the provided script or Visual Studio (Debug).
3. Run the PoC.
4. Attach WinDbg or x64dbg, collect a crash dump, and analyze it.
## Safety & ethics
- This repo is strictly for education and defensive research. No exploitable payloads or attack steps are included.
- Don’t run tests against production systems or other people's machines.
## Author
Rahul Kumar
GitHub: `https://github.com/rahul0xkr`
```
[4.0K] /data/pocs/ec2318b0804a033c9e50c4c9837600fdd9446a7b
├── [4.0K] demo
│   ├── [  93] build.sh
│   ├── [ 61K] poc.cpp
│   └── [ 338] run_and_crash.md
├── [1007] LAB_SETUP.md
├── [4.0K] POC
│   ├── [ 61K] Actual_Poc.cpp
│   ├── [1.2K] CVE-2025-21333-POC.vcxproj.filters
│   ├── [1.5K] Hexdump.hpp
│   ├── [6.6K] POC.vcxproj
│   └── [7.5K] wnf.h
├── [1.2K] README.md
├── [4.0K] reports
│   └── [5.0K] analysis.md
└── [ 481] windbg_notes.md

3 directories, 12 files
```