Stars
Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
Set of tools to analyze Windows sandboxes for exposed attack surface.
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team…
Extended Process Monitor-like tool based on Event Tracing for Windows
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
Small and highly portable detection tests based on MITRE's ATT&CK.
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
🎬 Command line utility for synchronizing Plex Media Server watched / seen status between multiple servers
Toolkit to emulate firmware and analyse it for security vulnerabilities
Intel® Hardware Accelerated Execution Manager (Intel® HAXM)
RetDec is a retargetable machine-code decompiler based on LLVM.
A collection of hacking / penetration testing resources to make you better!
The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions …
Security Research from the Microsoft Security Response Center (MSRC)
Examples of leaking Kernel Mode information from User Mode on Windows
Translates WinDbg "dt" structure dump to a C structure
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Some setup scripts for security research tools.
The X86 Encoder Decoder (XED), is a software library for encoding and decoding X86 (IA32 and Intel64) instructions
The official Windows Driver Kit documentation sources
A fork of AFL for fuzzing Windows binaries
A PoC WMI backdoor presented at Black Hat 2015
ATrace is a tool for tracing execution of binaries on Windows.