Achieve arbitrary kernel reads/writes/function calls in Hypervisor-Protected Code Integrity (HVCI) protected environments without admin permissions or kernel drivers.
Library for lifting machine code to LLVM bitcode
C++ 20 Control Flow Obfuscation library for Windows Binaries
eBPF implementation that runs on top of Windows
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…
Persistent dict, backed by sqlite3 and pickle, multithread-safe.
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
Intel PT log analyzer With Parallel Processing And Basic Block Offset Caching Support
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android
AV/EDR evasion via direct system calls.
Virtual-machine Translation Intermediate Language
A static devirtualizer for VMProtect x64 3.x, powered by VTIL.
Porting Windows Dynamic Link Libraries to Linux
Framework to test any Anti-Cheat
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
The Minimalistic x86/x64 API Hooking Library for Windows
😎 Awesome lists about all kinds of interesting topics
CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines (NDSS '19)
Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode