Starred repositories
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Free and Open Source Reverse Engineering Platform powered by rizin
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
free C++ class library of cryptographic schemes
Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings
🐸STT - The deep learning toolkit for Speech-to-Text. Training and deploying STT models has never been so easy.
Armariris (孤挺花) -- an LLVM obfuscation framework maintained by the Laboratory of Cryptology and Computer Security at Shanghai Jiao Tong University
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
Kill anti-malware protected processes (BYOVD) (Microsoft Won)
SuperDllHijack: A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy!
Loading Remote AES Encrypted PE in memory, decrypt it and run it
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
Another Windows Local Privilege Escalation from Service Account to System
UAC bypass for x64 Windows 7 - 11
ELFIO - ELF (Executable and Linkable Format) reader and producer implemented as a header only C++ library
Support ALL Windows Version
PoC Implementation of a fully dynamic call stack spoofer
Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.