bopin's starred repositories
StackWalker
Walking the callstack in Windows applications
statemachine
A .net library that lets you build state machines (hierarchical, async with fluent definition syntax and reporting capabilities).
de4dot-cex
📦 de4dot deobfuscator with full support for vanilla ConfuserEx
Discord-RAT-2.0
Discord Remote Administration Tool fully written in C#, stub size of ~75kb, over 40 post-exploitation modules
Unity-Obfuscator
Unity code obfuscation plugin
WindowsKernelBook
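"Windows Kernel Security Programming Techniques in Practice" is a book completed on March 4, 2023 and first published on March 6; the copyright holder is Wang Rui. The book is well illustrated, explains difficult material in accessible terms, and is rich in examples. It is a reference for Windows kernel development engineers and can also serve as study material for students at undergraduate level and above in information security, software engineering and related fields. It is one of the few books in recent years to reveal the implementation details of AntiRootkit anti-kernel tools.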
DetectWindowsCopyOnWriteForAPI
Enumerate various traits from Windows processes as an aid to threat hunting
CVE-2022-3699
Lenovo Diagnostics Driver EoP - Arbitrary R/W
mono.reflection
Some useful reflection helpers, including an IL disassembler.
BrokenFlow
A simple PoC to invoke an encrypted shellcode by using a hidden call
video-virtual-memory-materials
Code and materials accompanying the video series "On writing x64 Windows 10 drivers to understand virtual memory"
MemoryEvasion
A Cobalt Strike memory evasion loader for redteamers
Unity-Obfuscator-demo
Usage demo for the Unity code obfuscation plugin
mpengine_diskus
Reverse engineering mpengine.dll with reference to taviso's code
ConsoleTable
A console based table structure
windbg-ext-template
A template for creating managed WinDbg extensions
ComObjectRedux
Experimental project to explore RCW options for source generation.