derUnbekannt's starred repositories
peinjector
peinjector - MITM PE file infector
win_driver_plugin
A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
literature_review
Survey of program analysis research with a focus on machine code
HitCon-2016-Windows-10-x64-edge-0day-and-exploit
HitCon 2016 Windows 10 x64 edge 0day and exploit
IRPMon
The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only modifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.
visual-studio-projects
Holds all simple Visual Studio programs that I've created over the years.
DrvHide-PoC
Hidden kernel mode code execution for bypassing modern anti-rootkits.
PTBypass-PoC
Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
WindowsRegistryRootkit
Kernel rootkit that lives inside Windows registry value data
HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
volatility
An advanced memory forensics framework