Stars
Drltrace is a library call tracer for Windows and Linux applications.
Rust tool to detect cell site simulators on an Orbic mobile hotspot
This project aims to compare and evaluate the telemetry of various EDR products.
Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)
Patchestry is a binary patching framework built with MLIR and Ghidra.
Utility to convert SysInternals' Sysmon binary configuration to XML
IDA 2016 plugin contest winner! Symbolic Execution just one-click away!
Sample extensions, scripts, and API uses for WinDbg.
Small and lightweight x86-64 VBR bootkit for research purposes
Lightweight x86-64 instruction length disassembler (LDE)
A markup-based typesetting system that is powerful and easy to learn.
Python Frontend to LLVM IR for eBPF programs in Pure Python
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Get information about stripped Rust executables
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
C++11/14/17 std::expected with functional-style extensions
Xbox/Xbox360 loader plugin for IDA 9, and xex1tool, supporting most known Xbox executable file formats (XEX/XBE)
This repository offers open-source C++ SDK bindings for IDA, enabling custom plugin development and automation.
An open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor
Deobfuscate obfuscator.io, unminify and unpack bundled JavaScript
Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
PixiEditor is a Universal Editor for all your 2D needs
IDA Domain API - Python interface for IDA Pro reverse engineering platform