A 64 bit executable junk code engine for polymorphic malware.

x64 binary obfuscator

C++ 20 Control Flow Obfuscation library for Windows Binaries

A True Instrumentable Binary Emulation Framework

vscode plugin for LuaObfuscator.com

Lua 5.1 bytecode interpreter, in Lua

This tool will allow you to spoof the return addresses of your functions as well as system functions.

Ruby gem for color manipulation and palette generation

Database Client For Visual Studio Code

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

LittleCorporal: A C# Automated Maldoc Generator

Virtual-machine Translation Intermediate Language

Tool for PDB generation from IDA Pro database

ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.

(unofficial) Hyper-V® Development Kit

External mid-function hooking method to retrieve register data

C++20, x86/x64 Hooking Libary v2.0

Dis One Repo is FOOBAR

My implementation of enSilo's Process Doppelganging (PE injection technique)

A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)

Program synthesis based deobfuscation framework for the USENIX 2017 paper "Syntia: Synthesizing the Semantics of Obfuscated Code"

ReClassEx

IDA Pro 7 and up compatible SigMaker plugin

Convenient high-level C++ wrapper around the Windows Registry API

RetDec is a retargetable machine-code decompiler based on LLVM.

VMAttack PlugIn for IDA Pro

Home Assistant Service for sending commands to a Wifi enabled DreamScreen