codingman's repositories
Awesome-Redteam
An offensive and defensive security knowledge repository. Red Teaming and Offensive Security
c-ares
A C library for asynchronous DNS requests
CrystalDiskInfo
CrystalDiskInfo
DebugViewPP
DebugView++, collects, views, filters your application logs, and highlights information that is important to you!
Dependencies
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
errorlookup
Simple tool for retrieving information about Windows error codes.
GH-Injector-Library
A feature-rich DLL injection library.
hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
IDA_PHNT_TYPES
Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
NamedPipeMaster
A tool used to analyze and monitor named pipes
no-defender
no-defender re-up; all credit goes to https://github.com/es3n1n/no-defender
ProtectionSolution
This is the AV ("protection solution") used for my Windows 10 rootkit main project. This includes the installer stager program, a service to perform automatic UM operations on boot and the protection driver used for SSDT, inline hooks detection, hidden processes by DKOM, vulnerable drivers validation and others.
RadioMgr
Project to switch Bluetooth on Windows PC.
ret-sync
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra disassemblers.
simplewall
Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
sqlcipher
SQLCipher is a standalone fork of SQLite that adds 256-bit AES encryption of database files and other security features.
TrojanCockroach
A Stealthy Trojan Spyware
UltraVNC
UltraVNC Server, UltraVNC Viewer and UltraVNC SC | Official repository: https://github.com/ultravnc/UltraVNC
WinDbg-Samples
Sample extensions, scripts, and API uses for WinDbg.
Windows-APT-Warfare
Source code for the technical implementations in each chapter of the book "Windows APT Warfare: A Frontline Tactical Guide to Malware"
Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.
Windows-rust-driver-samples
Rust port of the official Windows Driver Samples on GitHub. Leverages windows-drivers-rs
WindowsAppSDK-Samples
Feature samples for the Windows App SDK
winsec-ark
Anti-Rootkit Tool for Windows
wow64ext
Another wow64ext to try to be compatible with WOW64 for all architectures.