fengjixuchui

VMAware

VM detection library (beta)

ChromeKatz

Dump cookies directly from Chrome process memory

ScreenExpander

A Driver-Level Remote Screen Expander on Windows

AFNetworking

A delightful networking framework for iOS, macOS, watchOS, and tvOS.

bkcrack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.

blackleak

CVE-2024-30212

BypassAntiVirus

远控免杀系列

capstone

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

curl

A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features

Disable-TamperProtection

A POC to disable TamperProtection and other Defender / MDE components

fake-linker

Modify Android linker to provide loading module and hook function

folly

An open-source C++ library developed and used at Facebook.

GhostlyHollowingViaTamperedSyscalls

Implementing the ghostly hollowing PE injection technique using tampered syscalls.

IdaMeme

Crashes ida on static analyses.

ILSpy

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

iOS-1

Most usable tools for iOS penetration testing

KCTF-KeyME-Cracker

看雪2020 KCTF秋季赛 第八题 惊天阴谋 题解代码

keychain-swift

Helper functions for saving text in Keychain securely for iOS, OS X, tvOS and watchOS.

mbr-overwrite

Overwrites MBR with own ASM file!

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

MS-DOS

The original sources of MS-DOS 1.25 and 2.0, for reference purposes

Presentations1

RelabelAbuse

RWX_MEMEORY_HUNT_AND_INJECTION_DV

Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.

santa

A binary whitelisting/blacklisting system for macOS

tableflipper

partially disable patchguard up to win11 21H2

TInjector

劫持Zygote在App启动前注入so

VasieDrv

Simple .data ptr driver Maybe someone can learn from it idk

Voidgate

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.

xnu1