Record and Replay Framework

KLEE Symbolic Execution Engine

Hook system calls, context switches, page faults and more.

Hex-Rays Decompiler plugin for better code navigation

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

Fast & memory efficient hashtable based on robin hood hashing for C++11/14/17/20

revng: the core repository of the rev.ng project

Hook system calls on Windows by using Kaspersky's hypervisor

DRAKVUF Black-box Binary Analysis

RpcView is a free tool to explore and decompile Microsoft RPC interfaces

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

SymCC: efficient compiler-based symbolic execution

Support ALL Windows Version

The Windows Kernel Programming book samples

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions

Lightweight Intel VT-x Hypervisor.

Examples of leaking Kernel Mode information from User Mode on Windows

Tool for PDB generation from IDA Pro database

Time Travel Debugging IDA plugin

An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.

System call hook for Windows 10 20H1

This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows

LAVA: Large-scale Automated Vulnerability Addition

This repository contains graphics driver samples used to demonstrate how to write graphics driver for the windows platform.

Fuzz anything with Program Environment Fuzzing

Fuzzer for Linux Kernel Drivers

Dump of win32k POCs for bugs I've found

Fuzzing Unification Framework