Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

AV/EDR evasion via direct system calls.

Native API header files for the System Informer project.

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

Package any app from Winget to Intune - WinTuner

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidel…

A list of IDA Plugins

Modified version of IDA ClassInformer with virtual functions

Simple C++ DLL Manual Map Injector For x86 and x64

EasyHook - The reinvention of Windows API Hooking

The Minimalistic x86/x64 API Hooking Library for Windows

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

MemRE is a memory editor with Unreal Engine support

Kernal Driver Tutorial For Getting Started With Kernel Drivers

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

🎓 Path to a free self-taught education in Computer Science!

Realtime C/C++ to binary code (Shellcode generator)

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

This repository of PowerShell sample scripts show how to access Intune service resources. They demonstrate this by making HTTPS RESTful API requests to the Microsoft Graph API from PowerShell.

Sample shell scripts for Intune admins.

📚 Freely available programming books

This is a C++ library that can be used to access different information about processes on the windows platform, it also provides you with the capability of executing 64-bit code in Wow64 processes.

.NET debugger and assembly editor

A source generator to add a user-defined set of Win32 P/Invoke methods and supporting types to a C# project.

.NET Project containing plenty of advanced techniques to detect various types of malicious actions on your software, with syscall support.