jilvan1234's repositories
black-hat-cpp
C++ Programming for Hackers
company-crawler
Tianyancha crawler & Qichacha crawler; crawls company information for specified keywords
CVE-2022-21882
win32k LPE
DefenderSwitch
Stop Windows Defender using the Win32 API
Detect-HiddenThread-via-KPRCB
Detect a thread removed from PspCidTable.
Detect-KeAttachProcess
Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
EtwTi-Syscall-Hook
A simple program to hook the current process to identify manual syscall executions on Windows
hygieia
Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
IDABeautify
An IDA plugin for making pseudocode better.
MalMemDetect
Detect strange memory regions and DLLs
Malware-analysis-and-Reverse-engineering
Some of my publicly available Malware analysis and Reverse engineering.
ntfstool
Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
patching
An Interactive Binary Patching Plugin for IDA Pro
PR0CESS
Some gadgets about Windows processes, ready to use :)
PTView
Browse Page Tables on Windows
raw_pdb
A C++11 library for reading Microsoft Program DataBase PDB files
SealighterTI
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
ShellcodeTemplate
An easily modifiable shellcode template for Windows x64/x86
Shellcodev
Shellcodev is a tool designed to help and automate the process of shellcode creation.
sigmakerex
IDA Pro signature tool
udmp-parser
A Windows user minidump C++ parser library.
vmp_runner
A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).
VMProtect-devirtualization
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
windows-ps-callbacks-experiments
Files for http://blog.deniable.org/posts/windows-callbacks/