Stars
A cross-platform C++ framework for building Windows shellcode
Kernel-supported System Informer plugin that adds cool features.
Leaking kernel addresses from ETW consumers. Requires Administrator privileges.
Windows KASLR bypass using prefetch side-channel
Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and contextualized address space cloning
PeAR - the Performant AFL Rewriter. Instrument Linux and Windows binaries with fuzzing instrumentation and more.
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.
IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.
A patch to hide qemu itself, bypass mhyprot, EAC, nProtect / VMProtect, VProtect, Themida, Enigma Protector, Safegine Shielden
Set of tools to analyze Windows sandboxes for exposed attack surface.
Bypassing PatchGuard on modern x64 systems
Diaphora, the most advanced Free and Open Source program diffing tool.
A collection of LLVM transform and analysis passes to write shellcode in regular C
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
🦀 Small exercises to get you used to reading and writing Rust code!
Tools for managing DNS across multiple providers
An index of Windows binaries, including download links for executables such as exe, dll and sys files
awesome game security [Welcome to PR]