Yuan's repositories
CallStackSpoofer
A PoC implementation for spoofing arbitrary call stacks when making system calls (e.g. grabbing a handle via NtOpenProcess)
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
CPlusPlusThings
Things about C++
D2DOverlay
Easy-to-use overlay using Direct2D
Detect-HiddenThread-via-KPRCB
Detect removed thread from PspCidTable.
DrawAlgorithm
Game reverse drawing algorithm
HWIDSpoofer
EAC New Updated
InfinityHookPro
InfinityHookPro Win7 -> Win11 latest
kdmapper
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
learn-kvm
Qemu KVM (Kernel Virtual Machine) study notes
memflow
physical memory introspection framework
netease-messiah-tools
Tools working with files in NetEase's Messiah Engine (Primarily aimed towards Diablo Immortal for now)
Poseidon
stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device objects.
pyselenium
pyselenium: fix for "$x is not defined"
python-patterns
A collection of design patterns/idioms in Python
ReadPhys
r/w virtual memory without attach
ReflectiveDLLInjection
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
reverse-engineering
List of awesome reverse engineering resources
sec-books-part1
:books: Out-of-print cybersecurity books
SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
spoof_call
spoof return address
SSSSRV2RayTrojanClash
Recommendations and advice for free, unrestricted internet access; clients are available to download
UMPMLib
A library to manipulate physical memory from usermode.
WinArk
Windows Anti-Rootkit Tool
WindowsKernelBook
The "Windows Kernel Security Programming Technology Practice" book series, exploring the core principles and technical implementation details of Anti RootKit anti-kernel tools.