PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and AV heuristics through a layered stack of in-memory execution…

C 138 15 Updated Jun 10, 2026

repnz / etw-providers-docs

Document ETW providers

C 300 57 Updated Mar 28, 2020

intel / libipt

libipt - an Intel(R) Processor Trace decoder library

C 730 155 Updated May 19, 2026

ionescu007 / lxss

Fun with the Windows Subsystem for Linux (WSL/LXSS)

C++ 890 80 Updated Jan 29, 2019

ionescu007 / SimpleVisor

SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support d…

C 1,960 284 Updated May 8, 2024

ionescu007 / winipt

The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and …

C 410 88 Updated Apr 27, 2023

incursi0n / GodPotatoBOF

Cobalt Strike BOF used to perform privilege escalation by exploiting the SeImpersonate privilege. Based on the original GodPotato PoC by BeichenDream.

C 261 32 Updated Apr 16, 2026

codewhitesec / SysmonEnte

C 84 7 Updated Oct 18, 2022

klezVirus / SilentMoonwalk

PoC Implementation of a fully dynamic call stack spoofer

C++ 962 110 Updated Jul 20, 2024

klezVirus / BYOUD

Bring your own Unwind Data Framework

C++ 147 14 Updated Mar 15, 2026

AndreiMuntea / Windows-Drivers-Mini-Projects

C++ 3 1 Updated Feb 2, 2019

AndreiMuntea / etwkm

C 27 2 Updated Apr 5, 2026

Muz1K1zuM / UnderlayCopy_bof

BOF for Havoc that copies locked Windows files (SAM, SYSTEM, NTDS.dit) via raw MFT parsing — no VSS, no Registry APIs, no PowerShell

C 132 8 Updated Apr 6, 2026

EaseFilterSDK / ProcessFilterExample

A C# process filter driver example which was implemented with the Process Filter Driver SDK. The Process Filter Driver SDK is a kernel-mode driver that filters process/thread creation and terminati…

C# 15 6 Updated May 23, 2026

t-tani / defender2yara

Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules

Python 206 27 Updated Jun 13, 2026

mdsecactivebreach / RegPwn

C# 235 29 Updated Mar 13, 2026

marzer / tomlplusplus

Header-only TOML config file parser and serializer for C++17.

C++ 2,074 200 Updated Jun 10, 2026

x86matthew / WinVisor

WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API

C++ 666 46 Updated Jan 23, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NULL NUL0x4C

Achievements

Achievements

Organizations

Block or report NUL0x4C

Stars

Livox-SDK / Livox-SDK2

bernhardpg / babyshark_vtol_model

CankayaUniversity / ceng-407-408-2022-2023-Autonomous-VTOL-Design

TIERS / X650_pixhawk6x_Jetson_Orin_Setup_Guide

0xDbgMan / DrvEye

microsoft / diskspd

luxonis / depthai

assarbad / msvc-undoc

Kudaes / Unwinder

rabbitstack / fibratus

mandiant / capa

microsoft / msquic

LongWayHomie / PolyEngine