Open-source KVM software

Legacy mirror of Darwin Kernel. Replaced by https://github.com/apple-oss-distributions/xnu

Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

A repository for learning various heap exploitation techniques.

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

State-of-the-art native debugging tools

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

UNIX-like reverse engineering framework and command-line toolset.

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

Windows NT Syscall tables

Research code & papers from members of vx-underground.

xAnalyzer plugin for x64dbg

Filesystem monitor tool for Linux/Android iOS/macOS

A collection of vulnerable ARM binaries for practicing exploit development

The Official Radare2 Book

Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

Winnie makes fuzzing Windows applications easy

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

Coverage-guided binary fuzzing powered by Frida Stalker

Windows user-land hooks manipulation tool.

Tool for profiling heap usage and memory management