隐藏可执行内存

热门网络游戏辅助开发教程

kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology

Direct Memory Access (DMA) Attack Software

D810-ng (Next Generation) is an updated, tested, refactored, and optimized IDA Pro plugin used to deobfuscate code at decompilation time by modifying IDA Pro microcode.

Linux mainline kernel fork for various Qualcomm MSM8917/37/40 , SDM429/SDM439 and QM215 devices

Trace events in real time sessions

A collection of notebooks/recipes showcasing some fun and effective ways of using Claude.

Rshell是一款开源的golang编写的支持多平台的C2框架，旨在帮助安服人员渗透测试、红蓝对抗。

Windows kernel and user mode emulation.

依赖调用框架

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click S…

免杀知识库 | 开源免杀木马效果测试 360 火绒 卡巴斯基 Microsoft Defender | 免杀工具汇总

EDR Lab for Experimentation Purposes

shellcode生成框架

shellcode 生成框架

Binary Hollowing

针对PE文件的分离的攻防对抗工具，红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificat…

more conveniently Visual-Studio-BOF-template

Sign-Sacker(签名掠夺者)：一款数字签名复制器，可将其他官方exe中数字签名，图标，详细信息复制到没有签名的exe中，作为免杀，权限维持，伪装的一种小手段。

制作 shellcode 的模板

A modern 32/64-bit position independent implant template

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

Situational Awareness commands implemented using Beacon Object Files

📚 从零开始的大语言模型原理与实践教程

Typora plugin. Feature enhancement tool | Typora 插件，功能增强工具