jilvan1234's repositories
CiDllDemo
Use ci.dll API for validating Authenticode signature of files
cobaltstrike-beacon-data
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
Cronos-Rootkit
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, and to protect and elevate them with token manipulation.
Direct-NtCreateUserProcess
Call NtCreateUserProcess directly as normal.
dncil
The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
driver_read_and_write
Driver read/write project
DrvMon
Advanced driver monitoring utility.
dwm-screen-shot
Inject shellcode into dwm.exe to capture the screen
EASY-HWID-SPOOFER
Kernel-mode hardware information spoofing tool
Etw-Syscall
https://key08.com/index.php/2021/10/19/1375.html
httpworker
A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educational use only.
hvcv
Virtualization Simply Code
Hyara
Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
ida_bitfields
IDA Pro plugin to make bitfield accesses easier to grep
MapPage
Mapping your code on a 0x1000 size page
MemoryModule-1
A tool to parse and load a module in memory, as well as attach a DLL in an EXE. Most of the functions are inline, so that it can also be used in shellcode.
mpengine_diskus
Reverse engineering mpengine.dll with reference to taviso's code
NoOne
An ARK tool for 64-bit Windows; rootkit
ObjectExplorer
Explore Kernel Objects on Windows
read-ntfs
Collecting from many resources about NTFS in C++
through_the_wire
CVE-2022-26134 Proof of Concept
U-Boat
Russia Wipers Dropper (REvil Ransomware included)
Veil
WDKExt 2 !!
vfdynf
Application Verifier Dynamic Fault Injection
wloader
Windows 10 PRO Activator - No more backdoors via loaders from China, and you will no longer need any crack that is valid for a week or two. This script is written for powershell/cmd. This script will also remove all bloatware from Windows 10. Edit the script to suit your needs.
xdp-for-windows
A Windows interface used to accelerate networking by bypassing most of the OS networking stack.