Rwkeith's starred repositories
minimal-mistakes
📐 Jekyll theme for building a personal site, blog, project documentation, or portfolio.
hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Windows-Research-Kernel-WRK-
Windows Research Kernel Source Code
efi-memory
PoC EFI runtime driver for memory r/w & kdmapper fork
dxgkrnl_hook
C++ graphics kernel subsystem hook
HexraysToolbox
Hexrays Toolbox - Find code patterns within the Hexrays ctree
UEFI-Bootkit
A small bootkit which does not rely on x64 assembly.
D3D11-Worldtoscreen-Finder
D3D11 Worldtoscreen Finder, dx11 w2s, d3d11 w2s, esp, world to screen
HookHunter
Analyze patches in a process
KernelGDIDraw
The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.
be-shellcode-tester
BattlEye shellcodes tester
solving-vm-crackme-1
Tutorial on solving a VM based CrackMe.
binja-import-header
Small binja plugin to import header file to types
binja_winmd
win32json Parser for TypeLibrary creation