Frame profiler

C++ library for symbolic computations

Small portable AES128/192/256 in C

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

A tool that is used to hunt vulnerabilities in x64 WDM drivers

MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.

A Windows kernel driver simulating hardware HID mouse and accompanying client application

A tutorial on how to write a packer for Windows!

Platform for emulation and dynamic analysis of Linux-based firmware

A patch to hide qemu itself, bypass mhyprot,EAC,nProtect / VMProtect,VProtect, Themida, Enigma Protector,Safegine Shielden

☁️ Python package for interacting with Steam. Fork of ValvePython/steam

Valve Anti-Cheat bypass written in C.

A tiny experiment to recreate the volumetric smoke for Counter Strike 2 in Godot

A Windows PE packer for executables (x64) with LZMA compression and with full TLS (Thread Local Storage) support.

HIDInput is a device driver that emulates mouse and/or keyboard input, and has been supplemented with easy to use functions that aid in the decision making process of when or how to synthesize such…

Fast text search tool with advanced algorithms, SIMD acceleration, multi-threading, and regex support. Designed for rapid, large-scale pattern matching with memory-mapped I/O and hardware optimizat…

Rendering on external windows via hijacking thread contexts

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries

A black hole for Internet advertisements

Windows Subsystem for Linux

Qtap: An eBPF agent that captures pre-encrypted network traffic, providing rich context about egress connections and their originating processes.

Anki is a smart spaced repetition flashcard program

The official Pi-hole Docker image from pi-hole.net

A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager

Obfuscator based on LLVM 12.0.1 (continuously updating)

Polaris: An LLVM-based obfuscator that protects software at various levels

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository…

PowerSploit - A PowerShell Post-Exploitation Framework