shaygitub's starred repositories

windows-internals

My notes while studying Windows internals

Language: C | License: MIT | Stargazers: 374 | Issues: 0

windows-exploitation

My notes while studying Windows exploitation

Language: C++ | License: MIT | Stargazers: 178 | Issues: 0

Stealthy-Kernelmode-Injector

Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executable pages. (VAD hide / NX bit swapping)

Language: C | Stargazers: 275 | Issues: 0

Poseidon

Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device objects.

Language: C++ | Stargazers: 343 | Issues: 0

Prevent_File_Deletion

Record & prevent file deletion in kernel mode

Language: C | License: MIT | Stargazers: 38 | Issues: 0

BackupFilter

Back up your documents

Language: C++ | License: MIT | Stargazers: 3 | Issues: 0

KeystrokeSniffer

A Windows kernel keylogger that works

Language: C++ | License: MIT | Stargazers: 17 | Issues: 0

FileHide

Filter driver to hide files and directories

Language: C++ | License: MIT | Stargazers: 10 | Issues: 0

MinifilterHook

Silence file system monitoring components by hooking their minifilters

Language: C | Stargazers: 41 | Issues: 0

GhostMapperUM

Manually map an unsigned driver over signed memory

Language: C++ | Stargazers: 140 | Issues: 0

windows-rootkit

Windows rootkit

Language: C++ | Stargazers: 45 | Issues: 0

WindowsRegistryRootkit

Kernel rootkit that lives inside Windows registry value data

Language: C | Stargazers: 480 | Issues: 0

WinDbg_Scripts

Useful scripts for WinDbg using the debugger data model

Language: JavaScript | Stargazers: 380 | Issues: 0

systeminformer

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

Language: C | License: MIT | Stargazers: 10652 | Issues: 0

SimpleVisor

SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.

Language: C | Stargazers: 1697 | Issues: 0

GetSSDT

Finding the SSDT address on Windows 10 64-bit

Language: C | Stargazers: 4 | Issues: 0

unlox

A clox bytecode decompiler

Language: Java | Stargazers: 2 | Issues: 0

acdc

A C decompiler

Language: C | Stargazers: 4 | Issues: 0

acdrv

Base for testing

Language: C++ | Stargazers: 137 | Issues: 0

InfinityHook

Hook system calls, context switches, page faults and more.

Language: C++ | Stargazers: 2346 | Issues: 0

SyscallHook

System call hook for Windows 10 20H1

Language: C++ | Stargazers: 453 | Issues: 0

umap

UEFI bootkit for driver manual mapping

Language: C | Stargazers: 504 | Issues: 0

libpeconv

A library to load, manipulate, and dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

Language: C++ | License: BSD-2-Clause | Stargazers: 1071 | Issues: 0

Ciphey

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Language: Python | License: MIT | Stargazers: 17580 | Issues: 0

kdmapper

KDMapper is a simple tool that exploits the iqvw64e.sys Intel driver to manually map non-signed drivers in memory

Language: C++ | License: MIT | Stargazers: 1870 | Issues: 0

loldrivers-client

Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io

Language: Go | License: Apache-2.0 | Stargazers: 78 | Issues: 0