bopin2020

dnSpy

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

stateless

A simple library for creating state machines in C# code

ui

A cross-platform UI library written in V

PolyHook

x86/x64 C++ Hooking Library

StackWalker

Walking the callstack in windows applications

statemachine

A .net library that lets you build state machines (hierarchical, async with fluent definition syntax and reporting capabilities).

de4dot-cex

📦 de4dot deobfuscator with full support for vanilla ConfuserEx

dlr

Dynamic Language Runtime

Discord-RAT-2.0

Discord Remote Administration Tool fully written in c#, stub size of ~75kb, over 40 post exploitations modules

antinet

.NET anti-managed debugger and anti-profiler code

Unity-Obfuscator

Unity代码混淆插件

WindowsKernelBook

《Windows 内核安全编程技术实践》 是一本于2023年3月4日创作完成，并于3月6日首次发表的图书作品，著作权人是王瑞。本书图文并茂、深入浅出、案例丰富，是Windows内核开发工程师的参考资料，也可供信息安全，软件工程等相关专业本科及以上在校生学习参考。本书是近年来少见的关于揭秘AntiRootkit反内核工具实现细节的相关书籍。

Unwinder

Call stack spoofing for Rust

CInject

Windows Kernel inject (no module no thread)

misc

miscellaneous scripts and programs

DetectWindowsCopyOnWriteForAPI

Enumerate various traits from Windows processes as an aid to threat hunting

CVE-2022-3699

Lenovo Diagnostics Driver EoP - Arbitrary R/W

mono.reflection

Some useful reflection helpers, including an IL disassembler.

BrokenFlow

A simple PoC to invoke an encrypted shellcode by using an hidden call

antinet

Anti debugger for .NET

video-virtual-memory-materials

《关于编写 x64 Windows 10 驱动以了解虚拟内存这件事》系列视频附带的代码和材料

MemoryEvasion

A Cobalt Strike memory evasion loader for redteamers

VEH-PoC

Unity-Obfuscator-demo

Unity代码混淆插件使用demo

mpengine_diskus

参考taviso的代码逆向一下mpengine.dll

ConsoleTable

A console based table structure

windbg-ext-template

A template for creating managed WinDbg extensions

ComObjectRedux

Experimental project to explore RCW options for source generation.

EncryptMethodTest

ileditor

helps inject il code using ildasm.exe and ilasm.exe