Lists (1)
Stars
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…
Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are disabled. Please only use release tarballs from the QEMU website.
Small and highly portable detection tests based on MITRE's ATT&CK.
Disk encryption with strong security based on TrueCrypt
This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
Situational Awareness commands implemented using Beacon Object Files
Native API header files for the System Informer project.
Remote operations commands implemented using Beacon Object Files
cagritaskn / GoodbyeDPI-Turkey
Forked from ValdikSS/GoodbyeDPIGoodbyeDPI (Türkiye için DNS değişikliği engelini bertaraf etme) (Windows)
This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.
This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to …
PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
A Beacon Object File (BOF) is a compiled C program, written to a convention that allows it to execute within a Beacon process and use internal Beacon APIs. BOFs are a way to rapidly extend the Beac…
One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/
Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them sho…