fengjixuchui's repositories
cs-self-learning
A self-learning guide to computer science
android-inline-hook-1
An inline hook library for Android apps.
AsmResolver
A library for editing PE files with full .NET metadata support
awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
awesome-protobuf-reverse-engineering
A collection of resources on protobuf reverse engineering
bhook
🔥 ByteHook (aka bhook) is a PLT hook framework for Android apps.
EagleVM
WIP Native code virtualizer for x64 binaries
Elkeid
Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
emulator
🪅 Windows User Space Emulator
fort
Fort Firewall for Windows
frinet
Frida-based tracer for easier reverse-engineering on Android, iOS, Linux, Windows and most related architectures.
Hasherama
A Windows string hashing toolkit for security research and malware analysis. Research implementation of malware-focused algorithms from VX Underground collection. For educational and research purposes only.
linux-pe
Portable executable format described for non-Windows environments using standard C++.
lpmapper
A mapper that maps shellcode into loaded large page drivers
NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
PE_Inspector
A powerful PE file inspector for analyzing Portable Executable binaries, providing detailed insights into their structure, headers, and properties
PEzor
Open-Source PE Packer
ProcessHacker-Argument-Spoofer
Malware evasion technique by manipulating process command-line arguments to hide the actual executed payload, used to evade the manual detection of ProcessHacker and ProcessExplorer. MITRE ATT&CK ID: T1036.005 (Masquerading: Match Legitimate Name or Location).
syscalls-table
Simple tool to generate HTML table of Linux system calls on different architectures
VX-API
Collection of various malicious functionality to aid in malware development
windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768