xitan's starred repositories
comprehensive-rust
This is the Rust course used by the Android team at Google. It provides you the material to quickly teach Rust.
SysWhispers3
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
BugChecker
SoftICE-like kernel debugger for Windows 11
defcon_27_windbg_workshop
DEFCON 27 workshop - Modern Debugging with WinDbg Preview
HWSyscalls
HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
Interceptor
Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
ExceptionOrientedProgramming
Abusing exceptions for code execution.
Kernel-Special-APC-ReadProcessMemory
Example of reading process memory through kernel special APC
LdrDllNotificationHook
Hook all callbacks which are registered with LdrRegisterDllNotification
import-hoodini
Simple runtime import protection & hook mitigation
HypervisorBase
A library for intel VT-x hypervisor functionality supporting EPT shadowing.
kdmapper-dumper
KDM Is a driver that will dumps every drivers that got manually mapped with kdmapper.