nofiv

followers

0

following

stars

Vladislav Hrčka's starred repositories

KDU

Kernel Driver Utility

Language:CMIT194400

BlackLotus

BlackLotus UEFI Windows Bootkit

Language:C196900

sigar

System Information Gatherer And Reporter

Language:CApache-2.0151500

reverse-engineering-workshop

Slides & Hands-on for the reverse engineering workshop

EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time

Language:C++GPL-3.0180700

TitanHide

Hiding kernel-driver for x86/x64.

Language:CMIT211300

AppInitHook

Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary process.

Language:CGPL-3.016000

ttexplore

TTexplore is a library that performs path exploration on binary code using symbolic execution

Language:C++7200

Dependencies

A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.

Language:C#MIT909300

Scylla

Imports Reconstructor

Language:C++GPL-3.0110800

KeeFarceReborn

A standalone DLL that exports databases in cleartext once injected in the KeePass process.

Language:C#BSD-3-Clause28900

VX-API

Collection of various malicious functionality to aid in malware development

Language:C++MIT148500

firmware-analysis-toolkit

Toolkit to emulate firmware and analyse it for security vulnerabilities

Language:PythonMIT133500

frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Language:GoApache-2.08598400

libdesock

A de-socketing library for fuzzing.

Language:CMIT13200

RedGuard

RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.

Language:GoGPL-2.0139400

s6_pcie_microblaze

PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

Language:C73500

TripleCross

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

Language:CGPL-3.0178400

ShellcodeFluctuation

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

Language:C++MIT92800

ThreadStackSpoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

Language:C++MIT103900

efiXplorer

IDA plugin for UEFI firmware analysis and reverse engineering automation

Language:C++GPL-3.089800

coreruleset

OWASP CRS (Official Repository)

Language:PythonApache-2.0226800

DdiMon

Monitoring and controlling kernel API calls with stealth hook using EPT

Language:C++MIT116100

Nidhogg

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Language:C++GPL-3.0177400

wabt

The WebAssembly Binary Toolkit

Language:C++Apache-2.0684800

zasm

x86-64 Assembler based on Zydis

Language:C++MIT30700

arsenal

Arsenal is just a quick inventory and launcher for hacking programs

Language:PythonGPL-3.0319300

PowerShell-Suite

My musings with PowerShell

Language:PowerShellBSD-3-Clause261200

llvmlite

A lightweight LLVM python binding for writing JIT compilers

Language:PythonBSD-2-Clause192400

qiling

A True Instrumentable Binary Emulation Framework

Language:PythonGPL-2.0513800