nmygb's repositories
AllTools
All reasonably stable tools
cparse
A C++ configurable Expression Parser. Useful as a Calculator or for helping you write your own Programming Language
VMProtect
VMProtect source code leak (incomplete, some important files are still missing, but you can still see it as a reference on how to virtualize the code)
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
nt5src
Source code of Windows XP (NT5). Leaks are not from me. I just extracted the archive and cabinet files.
pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
rustdesk
Yet another remote desktop software
Nt-Modules
Collect different versions of crucial modules.
IDR
Interactive Delphi Reconstructor
speakeasy
Windows kernel and user mode emulation.
GameNetworkingSockets
Reliable & unreliable messages over UDP. Robust message fragmentation & reassembly. P2P networking / NAT traversal. Encryption.
Blackbone
Windows memory hacking library
NtLua
Lua in kernel-mode because why not.
sauron-engine
One engine to rule them all
WebRTC_VAD
Voice Activity Detector Module Port From WebRTC
Windows-Batch-Deployment
A programmable and rootkit-like Windows remote access tool.
SysAnalyzer
Automated malcode analysis system
cpython
The Python programming language
EfiGuard
Disable PatchGuard and DSE at boot time
TitanHide
Hiding kernel-driver for x86/x64.
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
DanderSpritz_lab
A fully functional DanderSpritz lab in 2 commands
possessor
User-mode part of Zerokit platform
zerokit
Zerokit/GAPZ rootkit (non-buildable and only for research)
android-possessor
Android possessor compatible with Zerokit simple c&c protocol
0ctrl
Zerokit server controller
amte
Analysis and Modification Tool for Executables