liushouhuo's repositories
Alternate
Visual Studio C/C++ Library
DarkLoadLibrary
LoadLibrary for offensive operations
dd-wrt
DD-WRT Subversion mirror.
Detours
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
Elemental
Elemental - An ATT&CK Threat Library
ETW-Resources
Event Tracing For Windows (ETW) Resources
EvtSubscribeAndPrint
Event Subscribe And Print
FalconFriday
Hunting queries and detections
iMonitor
iMonitor (冰镜 - endpoint behavior analysis system)
InfinityHookPro
InfinityHookPro Win7 -> Win11 latest
ISSP-TeraDrive
ACIT 3900/4900 ISSP TeraDrive Code repo
krabsetw
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
lemon-cleaner
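Tencent Lemon Cleaner is a cleanup tool built specifically for macOS. Its main features include detection of duplicate files and similar photos, customized junk scanning for individual applications, visual full-disk space analysis, memory release, browser privacy cleanup, and real-time device status monitoring. It focuses on cleanup, offering customized cleanup plans for hundreds of applications and professional cleanup recommendations to help users complete one-click cleanup easily.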
MsIoExploit
Exploit MsIo vulnerable driver
NoScreen
Hiding the window from screenshots using the function win32kfull::ChangeWindowTreeProtection
ossec-hids
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
ovis
OVIS High Performance Computing monitoring, analysis, and visualization project.
PcapPlusPlus
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK and PF_RING.
pmon
Copy: Linux process monitoring (exec, fork, exit, set*uid, set*gid)
ProcessVmAccess
Two PoC of accessing process virtual memory via NT Kernel
procfs
procfs provides functions to retrieve system, kernel and process metrics from the pseudo-filesystem proc.
PSWindowsUpdate
This module contains cmdlets to manage Windows Update Client.
RmEye
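RmEye (戎码之眼) is a threat monitoring tool for Windows based on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for defenders.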
Sequoia
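An automatic stock-picking program for China A-shares, implementing the Turtle Trading rules, the Chan theory (缠中说禅) bull-market buy point, and several other technical patterns.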
SV-Assisstant
SV-Assistant
transacted_hollowing
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose