An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Telegram Desktop messaging app

Convert HTML to PDF using Webkit (QtWebKit)

微信HOOK、微信机器人 wxhook，数据库解密 微信公众号采集 微信公众号爬虫，企业微信HOOK

🔥Open source RASP solution

Converts PE into a shellcode

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

Hook system calls, context switches, page faults and more.

Open EDR public repository

Portspoof

shellcodeloader

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

Extracting Clear Text Passwords from mstsc.exe using API Hooking.

Converts a EXE into DLL

一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..

Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具，它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的代码，帮助红队人员更方便快捷的从Web容器环境切换到C2环境进一步进行工作。

RouterOS Security Research Tooling and Proof of Concepts

Principled, lightweight C/C++ PE parser

Token Privilege Research

Enumerate and disable common sources of telemetry used by AV/EDR.

恶意代码逃逸源代码 http://payloads.online

Support ALL Windows Version

A small POC to make defender useless by removing its token privileges and lowering the token integrity

使用MFC编写的病毒技术合集

A tool mainly to erase specified records from Windows event logs, with additional functionalities.

mXtract - Memory Extractor & Analyzer

A native backdoor module for Microsoft IIS (Internet Information Services)

CVE-2018-8120 Windows LPE exploit

System call hook for Windows 10 20H1

Shellcode launcher utility