Programming productivity plugin for IDAPython and C++ development

A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities

A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.

CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege

Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS

远程控制项目

IDA Pro plugin to assist with complex graphs

A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3

Visualize the virtual address space of a Windows process on a Hilbert curve.

Combining Unit Tests, Fuzzing, and AI

AFL binary instrumentation

Source code for File Test - Interactive File System Test Tool

HTran is a connection bouncer, a kind of proxy server. A “listener” program is hacked stealthily onto an unsuspecting host anywhere on the Internet. When it receives signals from the actual target…

ghostwriter is a cross-platform, aesthetic, distraction-free Markdown editor.

Asynchronous Procedure Calls

Bindings for Microsoft WinDBG TTD

Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability

A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings.

Open source implementations of Microsoft compression algorithms

Export dwarf debug information from IDA Pro

Automate extraction from iOS firmware files (.ipsw)

A Windows kernel dump C++ parser library with Python 3 bindings.

Some Code Samples for Windows based Inter-Process-Communication (IPC)

Local privilege escalation PoC exploit for CVE-2019-16098

I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016

Toolkit for Hyper-V security research

Blazefox exploits for Windows 10 RS5 64-bit.