JerryLinLinLin's repositories
Huorong-ATP-Rules
A set of custom rules that enhance Huorong HIPS
SampleMailSubmitter
A tool for automatically sending suspicious/false-flag files via email to Antivirus vendors
AV_Detection_Dump
Antivirus Detection Name Dump
VirusTotalSmartScanner
A Smart Anti-Virus Scanner Powered by Virus Total
Huorong-HIPS-Rule-Schema
The project includes two JSON schemas for Huorong Host-based Intrusion Prevention System (HIPS) custom rule files (JSON). They can be used to validate Huorong HIPS rules and speed up editing.
JerryLinLinLin.github.io
My blog
append_signed_pe
Append custom data to a signed PE file WITHOUT invalidating its signed status.
Awesome-Cybersecurity-Handbooks
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
CyberBattleSim
An experimentation and research platform to investigate the interaction of automated agents in abstract simulated network environments.
Dirty-Vanity
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
drakvuf-sandbox
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
dyninst
DyninstAPI: Tools for binary instrumentation, analysis, and modification.
EsetLogParser
Python script for parsing ESET (NOD32) virlog.dat file.
irma
IRMA is an asynchronous & customizable analysis system for suspicious files.
local-talking-llm
A talking LLM that runs on your own computer without needing the internet.
phantomstyle
Cross-platform QStyle for traditionalists
RaspberryPi-chan
Local Voice Assistant Running on Raspberry Pi
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security-industry practitioners
SOREL-20M
Sophos-ReversingLabs 20 million sample dataset
Twitter-s-the-algorithm
Source code for Twitter's Recommendation Algorithm
Twitter-s-the-algorithm-ml
Source code for Twitter's Recommendation Algorithm
VMProtect
VMProtect source code leak (incomplete; some important files are still missing, but it can still serve as a reference on how to virtualize code)