codingman's repositories
vs-shellcode
Shellcode template for visual studio
HiddenDesktop
Create and enumerate hidden desktops.
IdaClu
IdaClu is a version agnostic IDA Pro plugin for grouping similar functions. Pick an existing grouping algorithm or create your own.
Frosty
「🧊」Ring 3 Rootkit for Windows 10
vnote
A pleasant note-taking platform.
openedr
Open EDR public repository
EfiGuard
Disable PatchGuard and DSE at boot time
CodeStudy
Reverse-engineered code, or code collected from other people's projects
melody_windows
Melody Optimization Script for Windows
360Safe
Reverse-engineered code of the 360 ("大数字") driver
windows-defender-remover
A tool used to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.
IDA_Plugin_AntiDebugSeeker
Automatically identify and extract potential anti-debugging techniques used by malware.
EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
GhostTask
A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
global-inject-demo
A global injection and hooking example
Process-Hollowing
Great explanation of Process Hollowing (a Technique often used in Malware)
HyperDbg
The HyperDbg project is a hypervisor-based, kernel-mode, and user-mode debugger that aims to bring innovative ideas to the debuggers world!
llvm-msvc
[WIP] Forked LLVM focused on MSVC compatibility. This version is designed for Windows users.
Tokenvator
A tool to elevate privilege with Windows Tokens
RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
Shark
Turn off PatchGuard in real time for win7 (7600) ~ win10 (18950).
WMI-Explorer
An updated fork of @vinaypamnani's wmie2 project
Detours
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
InfinityHookProMax
InfinityHookProMax: Make InfinityHook great great again
PigSyscall
An implementation of an indirect system call