fengjixuchui

EventPic

messing around with pic and events

global-inject-demo

A global injection and hooking example

NVDrv

Abusing nvidia driver (nvoclock.sys) for physical/virtual memory and control register manipulation.

PE-Packer

🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engineering.

UAC-BOF-Bonanza

Collection of UAC Bypass Techniques Weaponized as BOFs

WinObjEx64

Windows Object Explorer 64-bit

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Android-Native-KeyAttestation

A c++ (jni) implementation of KeyAttestation for Android

Android-Notes-2

✍🏻 关注基础知识，打造优质Android博客

Android-ReadTheFuckingSourceCode

😜 记录日常的开发技巧，开发中遇到的技术重点、难点，各个知识点的总结，优质面试题等等。持续更新...

awesome-executable-packing

A curated list of awesome resources related to executable packing

Black-Angel-Rootkit

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.

cryptopp

free C++ class library of cryptographic schemes

DarkWidow

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing (Emotet method) + Api resolving from TIB + API hashing

DebugViewPP

DebugView++, collect, view and filter your application logs

EDRSandblast

FilelessPELoader

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

genmc

Display Hex-Rays Microcode

Gepetto

IDA plugin which queries OpenAI's ChatGPT to explain decompiled functions

goomba

gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions

HexRaysPyTools

IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes

HookCase

Tool for reverse engineering macOS/OS X

mhde

A modern C++ port of the HDE (Hacker Disassembler Engine).

n4r1b-hugo

Repo of my RE blog

Pentest-Everything

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

S4Uwhoami

Simple project shows how to use S4U2Self in Windows for making a "super whoami"

SyscallDumper-1

Dump system call codes, names, and offsets from Ntdll.dll

theZoo

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

winafl

A fork of AFL for fuzzing Windows binaries

Z0FCourse_ReverseEngineering

Reverse engineering focusing on x64 Windows.