蒙花落's repositories
blacksun-framework
blacksun framework for QEMU/KVM game cheat development
Chaos-Rootkit
x64 ring0 Rootkit with Process Hiding and Privilege Escalation Capabilities
clamav2yara
ClamAV rules to YARA.
cprotect
A source-code-level obfuscation tool for C.
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
elevate-bypass
A small AV-evading tool for UAC bypass and administrator-to-SYSTEM privilege escalation; bypasses Defender, 360, Kaspersky, etc.
enum_real_dirbase
Enumerate processes and page-directory base addresses from MmPfnData.
HiddenDesktop
HVNC for Cobalt Strike
HideInject
Hidden injection.
LyMemory
A free kernel-level memory read/write tool that can break through driver protection and force reads and writes of any user-mode process's memory.
Mile.Project.Windows
Configuration template for simplifying the definition of Visual Studio (MSBuild) C++ projects.
NTOSKRNL_Emu
Library of missing NTOSKRNL import functions.
PEpper
An open source script to perform static malware analysis on Portable Executable files.
powershell-obfuscation
A simple and effective PowerShell obfuscation tool for AV evasion; passes all VirusTotal engines.
SkipLoginPrompt
Skips Windows login at startup.
Striker
A Command and Control (C2)
SysWhispers3WinHttp
SysWhispers3WinHttp adds WinHttp split-loading on top of the SysWhispers3 project; evades 360 核晶 (Core Crystal) protection and Defender.
Theattacker-Crypter
Tool to evade Antivirus With Different Techniques
TomatoTools
TomatoTools is a CTF misc toolkit: it encrypts/decrypts and encodes/decodes 36 common encodings and cipher algorithms, analyzes and identifies 31 kinds of ciphertext, automatically extracts flags, supports custom plugins, and more.
Verify-Signature-Cpp
Verify Authenticode Digital Signature (C++)
WindowProtect
ETW hook that locates window-related kernel functions to implement window protection; for Win10.
WinEDB
Windows.EDB Browser