Jerry's repositories
APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset, that detects APT movements hidden in the sea of Windows event logs to reduce the time needed to uncover suspicious activity.
Shark
Turn off PatchGuard in real time on Windows 7 (build 7600) and later
Daat
A simple Intel VT (VT-x) hypervisor code base supporting both x86 and x64; includes a PatchGuard monitor.
AlphaGolang
IDAPython scripts for analyzing Golang binaries
SysWhispers
AV/EDR evasion via direct system calls.
WinAPI-Tricks
Collection of various WinAPI tricks / features used or abused by malware
WindowsSpyBlocker
Block spying and tracking on Windows
npcap
Nmap Project's Windows packet capture and transmission library
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
car
Cyber Analytics Repository
goblin
A phishing simulation system for use in red team / blue team adversarial exercises
awesome-reverse-engineering
Reverse engineering resources for all platforms (Windows/Linux/macOS/Android/iOS/IoT) and every aspect of the field (more than 3500 open source tools and 2300 posts & videos)
file
Read-only mirror of the file CVS repository, updated every half hour. NOTE: do not open pull requests here or comment on commits; submit them the usual way, via the bug tracker or the mailing list. The maintainers do not track this git mirror.
hidden
Windows driver with a user-mode interface that can hide processes, file-system and registry objects, protect processes, etc.
python-magic
A Python wrapper for libmagic
gaiya
Gaiya is a toolkit for extracting C&C (command-and-control) information from ELF binaries.
UACME
Defeating Windows User Account Control
WinPwnage
UAC bypass, Elevate, Persistence methods
awesome-cpp
A curated list of awesome C++ (or C) frameworks, libraries, resources, and shiny things. Inspired by awesome-... stuff.
awesome
😎 Awesome lists about all kinds of interesting topics
DuckSandboxDetect
Sandbox testing: code and conclusions from evaluating commonly used domestic (Chinese) sandboxes
drakvuf-sandbox
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
EfiGuard
Disable PatchGuard and DSE at boot time
SyscallHook
System call hook for Windows 10 20H1
bpf-hookdetect
Detect syscall hooking using eBPF
windows-kernel-exploits
windows-kernel-exploits: a collection of Windows privilege-escalation vulnerabilities and exploits
drop-water
Courseware for the 滴水 (Di Shui) reverse engineering course
VmwareHardenedLoader
VMware hardened VM detection mitigation loader (anti anti-VM)