Lists (1)
Stars
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
RetDec is a retargetable machine-code decompiler based on LLVM.
Sol3 (sol2 v3.0) - a C++ <-> Lua API wrapper with advanced features and top notch performance - is here, and it's great! Documentation:
An even funnier way to disable windows defender. (through WSC api)
library for importing functions from dlls in a hidden, reverse engineer unfriendly way
Alternative Shellcode Execution Via Callbacks
Library for lifting machine code to LLVM bitcode
Syscall Shellcode Loader (Work in Progress)
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
base64 encoding and decoding with c++
Weaponize DLL hijacking easily. Backdoor any function in any DLL.
Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries
This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avo…
Automated DLL Sideloading Tool With EDR Evasion Capabilities
This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
C++ 20 Control Flow Obfuscation library for Windows Binaries
TinyAntivirus is an open source antivirus engine designed for detecting polymorphic virus and disinfecting it.
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic…