AV/EDR evasion via direct system calls.

Converts PE into a shellcode

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…

AV/EDR evasion via direct system calls.

Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.

Hiding kernel-driver for x86/x64.

Windows Object Explorer 64-bit

State-of-the-art native debugging tool

Fast and lightweight x86/x86-64 disassembler and code generation library

Defeating Windows User Account Control

Advanced driver monitoring utility.

The communications platform that puts data protection first.

Demonstration of triggering non-maskable interrupts using nt&hal API on windows.

Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.

HackSys Extreme Vulnerable Windows Driver

Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually

Linux kernel source tree

Hook system calls on Windows by using Kaspersky's hypervisor

HTTP load generator, ApacheBench (ab) replacement

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

An implementation and proof-of-concept of Process Forking.

A free but powerful Windows kernel research tool.

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

Linux Kernel Hacking

Turn off PatchGuard in real time for win7 (7600) ~ later

Hypervisor based anti anti debug plugin for x64dbg

Windows memory hacking library

Code Injection, Inject malicious payload via pagetables pml4.

pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers