L4ys

LazyIDA

Make your IDA Lazy!

CVE-2022-21882

IDASignsrch

IDA_Signsrch in Python

CTF

Some of my CTF solutions

LazyKLEE

Lazy python wrapper of KLEE for solving CTF challenges

DisableDynamicBase

Small tool to remove IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE Flag from PE Header

UltraTools

NCTU-OSDI

CVE-2019-0808

Win32k Exploit by Grant Willcox

Disclosures

Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts

eBPF_processor

An IDA processor for eBPF bytecode

NCTU-Software-Testing

NtCall64

Windows NT x64 syscall fuzzer

openprocmon

open source process monitor

PoC

Proofs-of-concept

polarbearrepo

Presentation

python-windows-driver-loader

A simple python tool and supporting classes for loading/unloading/starting/stopping windows drivers

SuperDllHijack

SuperDllHijack：A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术，不再需要手工导出Dll的函数接口了

unicorn_pe

Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.

aura

blog-comments

eBPF-for-Ghidra

eBPF Processor for Ghidra

HRAST

PoC of modifying HexRays AST

iBoot

iBoot Source Code | Makefile not ran

IDR

Interactive Delphi Reconstructor

Mirage

kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology

pdb

ida pdb plugin with enhance and bugfix

redmine_gitlab_hook

This plugin allows you to update your local Git repositories in Redmine when changes have been pushed to GitLab.

rsolomakhin.github.io