Lays's repositories
IDASignsrch
IDA_Signsrch in Python
DisableDynamicBase
Small tool to remove IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE Flag from PE Header
CVE-2019-0808
Win32k Exploit by Grant Willcox
Disclosures
Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts
eBPF_processor
An IDA processor for eBPF bytecode
openprocmon
open source process monitor
python-windows-driver-loader
A simple python tool and supporting classes for loading/unloading/starting/stopping windows drivers
SuperDllHijack
SuperDllHijack:A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术,不再需要手工导出Dll的函数接口了
unicorn_pe
Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.
eBPF-for-Ghidra
eBPF Processor for Ghidra
iBoot
iBoot Source Code | Makefile not ran
Mirage
kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology
pdb
ida pdb plugin with enhance and bugfix
redmine_gitlab_hook
This plugin allows you to update your local Git repositories in Redmine when changes have been pushed to GitLab.