NVIDIA Linux open GPU kernel module source

BlackLotus UEFI Windows Bootkit

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Macro-header for compile-time C obfuscation (tcc, win x86/x64)

A modern 32/64-bit position independent implant template

Legit DLC Unlocker for Epic Online Services

LoadLibrary for offensive operations

bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.

Literally, the perfect injector.

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

kernel mode anti cheat

A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.

EDRSandblast-GodFault

RISC-V Virtual Machine

CLI tool that can replace C# methods in .NET Core applications

Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution

Demonstration of x64dbg against a series of simple executables

Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.

用于研究vs2008的crt源码，以编写windows下posix c 库

This is a modified version of Mini-CRT++ in the book <程序员的自我修养>, it supports 32-bit and 64-bit system.