0xhellord's repositories
bincat
Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
cbsenum
Windows package listing and uninstallation
EAC-CR3-BYPASS
A simple UM + KM example of how to bypass EAC CR3
ETWAnalyzer
Command line tool to analyze one/many ETW file/s with simple queries for common issues.
HyperDeceit
HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate operating system tasks with ease.
KDU
Kernel Driver Utility
mach2
Windows Feature Control Multi-tool
manifestenum
Assembly database inspector for Windows
MemProcFS
MemProcFS
mouseMovement
MOUSE MOVEMENT BYPASS VALORANT VANGUARD
orbit
C/C++ Performance Profiler
pcileech
Direct Memory Access (DMA) Attack Software
perfview
PerfView is a CPU and memory performance-analysis tool
PLCT-Weekly
软件所PLCT实验室在开源领域的不定期简报
qq-hook-msg
qq-hook-msg
Spark
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的,网页UI、跨平台以及多功能的远程控制和监控工具,你可以随时随地监控和控制所有设备。
STrace
A DTrace on Windows Reimplementation
SXSEXP
Expand compressed files from WinSxS folder
UniExtract2
Universal Extractor 2 is a tool to extract files from any type of archive or installer.
VMProtect
VMProtect source code leak (incomplete, some important files are still missing, but you can still see it as a reference on how to virtualize the code)
winipt
The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and a command-line tool.
WinTools
A collection of free miscellaneous Windows tools
wirehair
Wirehair : O(N) Fountain Code for Large Data
x64dbgCallFinder
A x64dbg plugin for quickly locating key functions.
Yumekage
Demo proof of concept for shadow regions, and implementation of HyperDeceit.