Lists (5)
Stars
Stealth-focused Intel VT-x hypervisor (EAC/BE/ACs/AVs).
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
A x64 Windows Rootkit using SSDT or Hypervisor hook
WinDbg-ext-MCP bridges your favorite LLM client (like Cursor, Claude, or VS Code) with WinDbg, enabling real-time, AI assisted kernel debugging. Write prompts in your AI coding assistant and receiv…
modern c++ wrapper around the microsoft portable executable file format without any crt dependencies and dynamic allocations
Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory
Abusing DDMA alongside Copy On Write for Cross Process Code Execution for a 3000$ Bug Bounty
Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
Windows x64 DLL/Driver manual map injection on a non-present PML4E using physical memory read/writes, direct page table manipulation and contextualized address space cloning
This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumping using Bytes.
usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to p…
Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions.
A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)
A headless MCP server for IDA Pro. It lets AI agents open and analyze multiple IDA databases on demand, without launching the IDA manully.
Windows User-Mode Shellcode Development Framework (WUMSDF)
A curated list of awesome resources related to executable packing