Back Engineering Labs

llvm-msvc

[WIP] A forked version of LLVM that prioritizes MSVC compatibility. This version is tailored for Windows users.

bintests

A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations

Voyager

A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)

vmhook

A demonstration of hooking into the VMProtect-2 virtual machine

msrexec

Elevate arbitrary MSR writes to kernel execution.

VDM

Library to manipulate drivers that expose a physical memory read/write primitive.

CheckEvilSln

A simple python script to check evil Visual Studio projects

libwindrv

The libwindrv is a Windows driver library used for testing the llvm-msvc compiler when enabling Kernel CET.

theodosius

Small OBJ/Archive Obfuscation framework

Driver-SoulExtraction

SoulExtraction is a windows driver library for extracting cert information in windows drivers

POC-AntiKernelDebug

POC about how to detect windows kernel debug by pool tag.

FakeEnclave

A POC that abuses Enclave

CallMeWin32kDriver

Load your driver similar to win32k.sys

elderscroll

PDB Rewriting Rust Library

LetMeGG

A POC about how to prevent windbg break

llvm-msvc-installer-src

POC-Detection-CheatEngine

Using ReadDirectoryChangesW to detect CheatEngine

compiler-tests

Fork of Microsoft's SEH compiler tests

coremark-pe

fork of coremark to compile using cmkr/cmake on windows.

setup-llvm-msvc

testfloat-pe

TestFloat compiled into individual PE files with no imports.

badeye

Handle elevation using bedaisy

llvm-msvc-website

POC-ExFlushTb

A POC for monitoring Tb

Tool-DIYSystemMemoryDump

ToolsetChanger

A simple python script is used to change the toolset of the Visual Studio project

.github

iced

Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for Rust, .NET, Java, Python, Lua

llvm-msvc-seh-test

pelite

Lightweight, memory-safe, zero-allocation library for reading and navigating PE binaries.