Waterman178

AlternativeShellcodeExec

Alternative Shellcode Execution Via Callbacks

auto_game

disable-threat-tracing

Disable threat tracing from the kernel..

DLLHijackTest

DLL and PowerShell script to assist with finding DLL hijacks

dwmhook

noob hooking dwm for overlay

eft

ept-hook-detection

Different aproaches to detecting EPT hooks

EQProtect

EvCommunication

evil-mhyprot-cli

A PoC for vulnerable driver "mhyprot" that allows us to read/write memory in kernel/user from usermode.

executor

fecurity executor from factory

hwid-checker-mg

hwid-checker-mg is simple, proof-of-concept, hardware id checker made in C++ that utilizes the SMBIOS/DMI standards to output information that's been described by the BIOS.

hwid_generation

your computer id

ICPin

An Integrity-Check Monitoring Pintool

Kernel-Anit-Anit-Debug-Plugins

Kernel Anit Anit Debug Plugins 内核反反调试插件

KernelHackBase

KiSystemStartupMeme

Custom KiSystemStartup, can be used to modificate kernel before boot.

MalwareSourceCode

Collection of malware source code for a variety of platforms in an array of different programming languages.

MemScanner

Analyze Windows x64 Kernel Memory Layout

NNXOS64

A 64 bit OS

PeerTube

ActivityPub-federated video streaming platform using P2P directly in your web browser

physmem-Scanner

scans through physical memory and paging tables in kernel mode

pyautogui

A cross-platform GUI automation Python module for human beings. Used to programmatically control the mouse & keyboard.

Sysmon

Sysmon shenanigans

SysWhispers2

AV/EDR evasion via direct system calls.

Themidie

x64dbg plugin to bypass Themida 3.x Anti-Debugger / VM / Monitoring programs checks (x64)

vmware-rpc

Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs

WebSocket-overlay

external websocket overlay

win10

tenonvpn for windows

xFindOut

A plugin to x64dbg that lets you find out what writes to/accesses particular address