o//。's repositories
all-about-windows
A comprehensive collection of resources for Windows users, offering tips, tricks, and in-depth guides.
Banshee
Experimental Windows x64 Kernel Rootkit.
bap
Binary Analysis Platform
CLRInjector
A PoC .NET-specific process injection tool
DataptrHook
ntoskrnl .data hook on NtConvertBetweenAuxiliaryCounterAndPerformanceCounter for UM-KM communication
dnSpy
Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
flare-ida
IDA Pro utilities from FLARE team
IDA-Pro-SigMaker
Signature maker plugin for IDA 8.x
ILSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
libafl_quickjs_fuzzing
An example fuzzer about how to fuzz a JS engine combinign Nautilus with Token-level fuzzing
mrspicky
MrsPicky - An IDAPython decompiler script that helps auditing memcpy() and memmove() calls
MutationGate
Use hardware breakpoint to dynamically change SSN in run-time
NetworkNightmare
Network Pentesting Mindmap
Obfuscate
Guaranteed compile-time string literal obfuscation header-only library for C++14
pdb
ida pdb plugin with enhance and bugfix
RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...
Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e
Remote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box
ret-sync
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
Shelter
ROP-based sleep obfuscation to evade memory scanners
smda
SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
systeminformer
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
TitanHide
Hiding kernel-driver for x86/x64.
UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
unicorn
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
unicorn_pe
Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.
vmprotect-3.5.1-build
fork to build
winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
xeno-rat
Xeno-RAT is an open-source remote access tool (RAT) developed in C#, providing a comprehensive set of features for remote system management. Has features such as HVNC, live microphone, reverse proxy, and much much more!