xitan's starred repositories

Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls.

Language: C · Stargazers: 128 · Issues: 0

InviZzzible

InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.

Language: C++ · License: GPL-3.0 · Stargazers: 521 · Issues: 0

VMAware

VM detection library and tool

Language: C++ · License: GPL-3.0 · Stargazers: 255 · Issues: 0

tpm-spoofer

Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads

Language: C · Stargazers: 162 · Issues: 0

FireDBG.for.Rust

🔥 Time Travel Visual Debugger for Rust

Language: Rust · License: MIT · Stargazers: 1182 · Issues: 0

perses

X86 Mutation Engine with Portable Executable compatibility.

Language: C++ · Stargazers: 431 · Issues: 0

obfuscator

PE bin2bin obfuscator

Language: C++ · License: GPL-3.0 · Stargazers: 506 · Issues: 0

rust-cpuid

cpuid library in rust.

Language: Rust · License: MIT · Stargazers: 142 · Issues: 0

x86_64

Library to program x86_64 hardware.

Language: Rust · License: Apache-2.0 · Stargazers: 745 · Issues: 0

PPLKiller

Protected Processes Light Killer

Language: C++ · License: GPL-3.0 · Stargazers: 845 · Issues: 0

showstopper

ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.

Language: C++ · License: MIT · Stargazers: 192 · Issues: 0

PigPEI

PEIM (UEFI) bootkit targeting OVMF (EDK2)

Language: Rust · License: MIT · Stargazers: 34 · Issues: 0

guardian-rs

x86-64 code/pe virtualizer

Language: Rust · License: GPL-3.0 · Stargazers: 127 · Issues: 0

DirectPageManipulation

A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy

Language: C++ · Stargazers: 73 · Issues: 0

OffensivePH

OffensivePH - use old Process Hacker driver to bypass several user-mode access controls

Language: C · License: GPL-3.0 · Stargazers: 328 · Issues: 0

bread

🍞 BREAD: BIOS Reverse Engineering & Advanced Debugger

Language: C · License: MIT · Stargazers: 282 · Issues: 0

Killer

Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.

Language: C++ · Stargazers: 677 · Issues: 0

shadow_syscall

Convenient use of syscalls with a single line and a comfort wrapper, unfriendly for reverse engineers.

Language: C++ · License: Apache-2.0 · Stargazers: 87 · Issues: 0

Voyager

A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)

Language: C · License: AGPL-3.0 · Stargazers: 21 · Issues: 0

VDM

Library to manipulate drivers that expose a physical memory read/write primitive.

Language: C++ · License: AGPL-3.0 · Stargazers: 16 · Issues: 0

msrexec

Elevate arbitrary MSR writes to kernel execution.

Language: C++ · License: AGPL-3.0 · Stargazers: 15 · Issues: 0

process_doppelganging

My implementation of enSilo's Process Doppelganging (PE injection technique)

Language: C · Stargazers: 565 · Issues: 0

vmhook

A demonstration of hooking into the VMProtect-2 virtual machine

Language: C++ · License: MIT · Stargazers: 16 · Issues: 0

theodosius

Small OBJ/Archive Obfuscation framework

Language: HTML · License: BSD-3-Clause · Stargazers: 7 · Issues: 0

pdb-rs

A parser for Microsoft PDB (Program Database) debugging information

Language: Rust · License: Apache-2.0 · Stargazers: 20 · Issues: 0

binja-rs

Some Rust bindings for Binary Ninja

Language: Rust · Stargazers: 32 · Issues: 0

rewind

Snapshot-based coverage-guided windows kernel fuzzer

Language: Rust · License: Apache-2.0 · Stargazers: 303 · Issues: 0