Run Microsoft Windows NTVDM (DOS) on 64bit Editions

Linux kernel source tree

The engine that powers DeLorean!

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

PoC exploits for software vulnerabilities

The system call intercepting library

linikatz is a tool to attack AD on UNIX

Exploiting DLL Hijacking by DLL Proxying Super Easily

Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL

SMB2/3 userspace client

A simple ARP spoofer for Windows

wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")

Windows NT4 Kernel Source code

This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)

Code samples for the Understanding Windows x64 Assembly tutorial.

The ultimate hooking library

Recon 2015 Presentation from Alex Ionescu

This is a simple example and explanation of obfuscating API resolution via hashing

x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks

Shellcoding utilities

Defective SMb: A minimalist implementation of a client library for SMBv1 using Plain'Ol C

Publications from Calif

PageBuster - dump all executable pages of packed processes.

针对（CVE-2023-0179）漏洞利用 该漏洞被分配为CVE-2023-0179，影响了从5.5到6.2-rc3的所有Linux版本，该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。

Exploit targeting NT kernel in 24H2 Windows Insider Preview

Windows Software Exploitation

simple sudoless X11 keylogger