DirWangK's starred repositories
themida-unmutate
Static deobfuscator for Themida/WinLicense/Code Virtualizer's mutation-based obfuscation.
mitmproxy_rs
The Rust bits in mitmproxy. 🦀
swisscheese
Exploits for YARA 3.7.1 & 3.8.1
HexRaysPyTools
IDA Pro plugin which improves work with the HexRays decompiler and helps in the process of reconstructing structures and classes
Harden-Windows-Security
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
Jormungandr
Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
reverser_ai
Provides automated reverse engineering assistance through the use of local large language models (LLMs) on consumer hardware.
sharem
SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.
awesome-windows-kernel-security-development
windows kernel security development
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
BestEdrOfTheMarket
Little user-mode AV/EDR evasion lab for training & learning purposes
VMP-Imports-Deobfuscator
VMProtect 2.x-3.x x64 Import Deobfuscator
divination
Python module for platform, iospace and physmem inspection