o//。's repositories
efiXplorer
IDA plugin for UEFI firmware analysis and reverse engineering automation
rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
SQLInjectionWiki
A wiki focused on aggregating and documenting various SQL injection methods
google-dorks-bug-bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
exp
exp
No-Consolation
A BOF that runs unmanaged PEs inline
quickjs
Public repository of the QuickJS Javascript Engine.
IDA_Plugin_AntiDebugSeeker
Automatically identify and extract potential anti-debugging techniques used by malware.
DataptrHook
ntoskrnl .data hook on NtConvertBetweenAuxiliaryCounterAndPerformanceCounter for UM-KM communication
TitanHide
Hiding kernel-driver for x86/x64.
unicorn_pe
Unicorn PE is a Unicorn-based instrumentation project designed to emulate code execution for Windows PE files.
unicorn
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
dnSpy
Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
ILSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
Obfuscate
Guaranteed compile-time string literal obfuscation header-only library for C++14
vmprotect-3.5.1-build
fork to build
systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
mrspicky
MrsPicky - An IDAPython decompiler script that helps auditing memcpy() and memmove() calls
Banshee
Experimental Windows x64 Kernel Rootkit.
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
smda
SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
libafl_quickjs_fuzzing
An example fuzzer showing how to fuzz a JS engine by combining Nautilus with token-level fuzzing
flare-ida
IDA Pro utilities from FLARE team
ret-sync
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
MutationGate
Use a hardware breakpoint to dynamically change the SSN at run-time
pdb
IDA PDB plugin with enhancements and bug fixes
Shelter
ROP-based sleep obfuscation to evade memory scanners