Stars
a lightweight, multi-platform, multi-architecture hook framework.
Disable PatchGuard and Driver Signature Enforcement at boot time
A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
It might be the quickest cross-platform codesign alternative for iOS 12+, supporting macOS, Linux, Windows, and more features.
Make WSA(Windows Subsystem for Android) run on Windows 10.
kill anti-malware protected processes ( BYOVD ) ( Microsoft Won )
XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS
A hacked up idevicerestore wrapper, which allows specifying SEP and Baseband for restoring
a powerfull tool to check tss signing status of various devices and firmwares
Hyper-V integration support for macOS
A hacked up idevicerestore wrapper, which allows specifying SEP and Baseband for restoring
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to p…
Enhanced IDA Pro signature generator plugin.
Polaris: An LLVM-based obfuscator that protects software at various levels
Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.
Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes
CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.
A tool for manipulating IMG4, IM4M and IM4P files
Link Identity Editor. Put real or fake signatures in a Mach-O.
A tethered booter for 64bit iOS devices vulnerable to checkm8