TheCruZ

al-khaser

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

THIS_REPO_HAS_3077_STARS

Click Star ⭐️ to see it in action :trollface:

KDU

Kernel Driver Utility

kdmapper

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

vmprotect-3.5.1

Alcatraz

x64 binary obfuscator

xorstr

heavily vectorized c++17 compile time string encryption.

skCrypter

Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+

dxgkrnl_hook

C++ graphics kernel subsystem hook

apexdream

Apex Legends external cheat for UnKnoWnCheaTs in Rust

oxorany

obfuscated any constant encryption in compile time on any platform

EC

open-source cheat [CS:GO/CS2/Apex]

SimpleSvmHook

SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.

FutureNNAimbot

Universal neural network aimbot for all games with custom training mode

UMPMLib

A library to manipulate physical memory from usermode.

owned_alignment

Hooking kernel functions by abusing alignment

KernelDrawing

Drawing from kernelmode without any hooks

callout-poc

Process-Injection-Techniques

Various Process Injection Techniques

wpp

Intercepting DeviceControl via WPP

physmem-Scanner

scans through physical memory and paging tables in kernel mode

advanced-custom-fields-pro

Wordpress plugin Advanced Custom Fields Pro - GPL

apex-legends-cheat

external apex legends cheat - esp, chams, rcs

PatchBoot

Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks

syscall-direct

SubGetVariable

Old project (2020) reformed. Modifies gRT->GetVariable sub function from EFI_APPLICATION. Tested on Win10 22H2 (AMD).

CommonCheatingSnippets

GetDeviceInterfacesMemoryLeak

Small memory leak PoC that is happening in IopGetDeviceInterfaces

TPM-SPOOFER

PUBG_SDK