Ap3x's starred repositories
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
grimreaper
An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
WinDbg-Samples
Sample extensions, scripts, and API uses for WinDbg.
modern-cpp-windows-driver-template
Windows driver template, using C++20 & cmake & GithubActions
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
SymProcAddress
Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
SymProcSleuth
A pure C version of SymProcAddress
windbg-scripts
A bunch of JavaScript extensions for WinDbg.
WinDbg_Scripts
Useful scripts for WinDbg using the debugger data model
WinDbgCookbook
This is a repo for small, useful scripts and extensions
Chaos-Rootkit
Now You See Me, Now You Don't
SpookFlare
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer