ExpLife0011 / Awesome Windows Kernel Security Development
Licence: mit
windows kernel security development
Stars: ✭ 1,208
Programming Languages
shellcode
44 projects
Projects that are alternatives of or similar to Awesome Windows Kernel Security Development
Simple-Antirootkit-SST-Unhooker
This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks
Stars: ✭ 31 (-97.43%)
Mutual labels: rootkit, antivirus
Awesome Windows Security Development
awesome-windows-security-development
Stars: ✭ 154 (-87.25%)
Mutual labels: driver, rootkit
Hidden
Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
Stars: ✭ 768 (-36.42%)
Mutual labels: driver, rootkit
Skeleton
A ready-to-use CodeIgniter skeleton with tons of new features and a whole new concept of hooks (actions and filters) as well as a ready-to-use and application-free themes and plugins system. Facebook Page: http://bit.ly/2oHzpxC | Facebook Group: http://bit.ly/2o3KOrA. Help me carry on making more free stuff → http://bit.ly/2ppNujE ←
Stars: ✭ 74 (-93.87%)
Mutual labels: framework
Cogitare
🔥 Cogitare - A Modern, Fast, and Modular Deep Learning and Machine Learning framework for Python
Stars: ✭ 73 (-93.96%)
Mutual labels: framework
Mmsa
CH-SIMS: A Chinese Multimodal Sentiment Analysis Dataset with Fine-grained Annotations of Modality (ACL2020)
Stars: ✭ 70 (-94.21%)
Mutual labels: framework
Rsf
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-93.71%)
Mutual labels: framework
Pyrustic
Lightweight framework and software suite to help develop, package, and publish Python desktop applications
Stars: ✭ 75 (-93.79%)
Mutual labels: framework
Axentix
Axentix is an open source Framework based on CSS Grid using HTML, CSS and JS. The easy layout control and grid system makes it one of the most easy to learn framework.
Stars: ✭ 75 (-93.79%)
Mutual labels: framework
Pysoa
A Python library for writing (micro)services and their clients
Stars: ✭ 74 (-93.87%)
Mutual labels: framework
Bdframework.core
[中]Simple! Easy! Powerful Unity3d game workflow! Unity3d framework:c# hotfix(ILRuntime)、asset manager、ui workflow、network debug... and so on
Stars: ✭ 1,196 (-0.99%)
Mutual labels: framework
Graceful
Elegant Python REST toolkit built on top of falcon
Stars: ✭ 73 (-93.96%)
Mutual labels: framework
Elastic Scout Driver
Elasticsearch driver for Laravel Scout
Stars: ✭ 74 (-93.87%)
Mutual labels: driver
Flutterwebsite
The flutter.dev website recreated in Flutter. https://gallery.codelessly.com/flutterwebsites/flutterwebsite
Stars: ✭ 76 (-93.71%)
Mutual labels: framework
awesome-windows-kernel-security-development
powershell
pe file format
asm ide
- https://github.com/ThomasJaeger/VisualMASM
- https://github.com/Dman95/SASM
- https://github.com/mrfearless/UASM-with-RadASM
meltdown/spectre poc
- https://github.com/turbo/KPTI-PoC-Collection
- https://github.com/gkaindl/meltdown-poc
- https://github.com/feruxmax/meltdown
- https://github.com/Eugnis/spectre-attack
lightweight c++ gui library
- https://github.com/Xoliper/ANGE
- https://github.com/iUIShop/LibUIDK (mfc skin ui)
- https://github.com/zlgopen/awtk
- https://github.com/idea4good/GuiLite
- https://github.com/golang-ui/nuklear
- https://github.com/Dovyski/cvui
- https://github.com/andlabs/libui
- https://github.com/hasaranga/RFC-Framework
- https://github.com/dustpg/LongUI
- https://github.com/bognikol/Eleusis
direct ui
- https://github.com/caozhiyi/DuiLib_c
- http://www.skinui.cn/
- https://www.showdoc.cc/skinui?page_id=135303
- http://help.5yyz.com/665984
- https://github.com/SOUI2/soui
- https://github.com/netease-im/NIM_Duilib_Framework
- https://github.com/gclxry/EasyDuilib
- https://github.com/v-star0719/MFC_LogicalWnd
- https://github.com/duzhi5368/FKDuiLibEditor
- https://github.com/wanttobeno/bkuilib
- https://github.com/wanttobeno/XSkin1.0
- https://github.com/idea4good/GuiLite
- https://github.com/redrains/DuiLib_Redrain
- https://github.com/wanttobeno/UIDesigner
- https://github.com/zhongyang219/TrafficMonitor
- https://github.com/wanttobeno/Duilib_Extension
- https://github.com/zhongyang219/MusicPlayer2
- https://github.com/nmgwddj/duilib_tutorial
- https://github.com/redrains/DuiLib_Redrain
- https://github.com/nmgwddj/InstallAssist
- https://github.com/netease-im/NIM_PC_UIKit
- https://github.com/nmgwddj/Optimizer
- https://github.com/nmgwddj/BarPCMaster (netbar)
chrome
chrome Extension
cef
- https://github.com/JelinYao/MyChrome
- https://github.com/fanfeilong/cefutil
- https://github.com/acristoffers/CEF3SimpleSample
- https://github.com/sanwer/Browser
WebBrowser
- https://github.com/zhichao281/duilib-MiniBlinkBrowser
- https://github.com/litehtml/litebrowser
- https://github.com/venam/Browser (lib)
- https://github.com/wanttobeno/Study_IWebBrowser2
d3d
- https://github.com/QianMo/Direct3D-Win32-Book-Src-Code
- https://github.com/MKXJun/DirectX11-With-Windows-SDK
- https://github.com/ThirteenAG/d3d9-wrapper
opencv
bass
lua
c++ 11/14/17/20
- https://github.com/akkaze/ThreadPool
- https://github.com/xiaoweiChen/CPP-Concurrency-In-Action-2ed-2019
- https://github.com/xiaoweiChen/CPP-17-STL-cookbook
- https://github.com/changkun/modern-cpp-tutorial
cmake
DesignPattern
- https://design-patterns.readthedocs.io/zh_CN/latest/index.html
- https://github.com/Waleon/DesignPatterns
- https://github.com/GoodmanTao/DesignPatternInC
c++ & js
- https://github.com/xhawk18/promise-cpp
- https://github.com/panopticoncentral/jsrt-wrappers
- https://github.com/wargio/WSH-Framework
- https://github.com/ExpLife0011/WebBrowser
- https://github.com/wanttobeno/Study_mujs
gdi/gdi+
- http://www.mctrl.org/ (win32 control lib)
- https://github.com/wanttobeno/AlphaEditor
- https://github.com/wanttobeno/FastZoomDemo (zoom)
- https://github.com/wanttobeno/GdiPlusTextEffect
- https://github.com/wanttobeno/GdiPlusString
- https://github.com/wanttobeno/WindowFinder
- https://github.com/wanttobeno/ymagine
- https://github.com/wanttobeno/levels-adjustment
- https://github.com/wanttobeno/ElipsePic
- https://github.com/wanttobeno/windows-effect
- https://github.com/wanttobeno/Study_easing_animation
- https://github.com/wanttobeno/Study_FindPicAlgorithm (find picture algorithm)
- https://github.com/wanttobeno/Window_GlassIntro_demo
QT
- https://github.com/feiyangqingyun/qucsdk
- https://github.com/feiyangqingyun/QWidgetDemo
- https://github.com/feiyangqingyun/qtkaifajingyan
- https://github.com/feiyangqingyun/QWidgetExe
computer vision & machine learning
compress
Dongle
spy++
Shell Extension for Windows Explorer
- https://github.com/derceg/explorerplusplus
- https://github.com/XhmikosR/perfmonbar (perfmonbar)
- https://github.com/abhimanyusirohi/ThumbFish (nice demo)
- https://github.com/matssigge/JASE
- https://github.com/Oeffner/MtzExtInfoTip
- https://github.com/danielgrigg/ContextMenuDemo
- https://github.com/monolithpl/stexbar
- https://github.com/CaSchmidt/csMenu
- https://github.com/blndev/ExplorerUtilitys
- https://github.com/pke/Windows-Explorer-OSGi-Shell-Extensions
- https://github.com/Anton-V-K/MultiThumbExtension
- https://github.com/0ffffffffh/ffmpegShellExtension
- https://github.com/Ralph-Lee/WinShellExt
- https://github.com/slivermeteor/LockKeys
- https://github.com/alexandermenze/ShellExtensionInfoTip
- https://github.com/jbrandwood/EditWith
- https://github.com/calzakk/CyoHash
- https://github.com/asa75asa/ImageResizer
- https://github.com/tillig/JunctionShellExtensions
- https://github.com/keybase/KBShellExt
- https://github.com/T800G/StatusBar7
- https://github.com/vladm3/ShellExtension
- https://github.com/sop/cygextreg
- https://github.com/AndreasVerhoeven/HTMLPreviewShellExtension
- https://github.com/alvinhochun/KritaShellExtension
- https://github.com/AUTOMATIC1111/3ds-shell
- https://github.com/google/google-drive-shell-extension
- https://github.com/TortoiseGit/TortoiseGit
- https://github.com/sanje2v/MantaPropertyExtension
- https://github.com/phwitti/cmdhere
windows system programming
- https://github.com/solemnwarning/rehex (hex editor)
- https://github.com/progmboy/openprocmon (procmon)
- https://github.com/ezrealik/AI-Icarus (AI iflytek SDK)
- http://rufus.ie/ (Create bootable USB drives the easy way)
- https://github.com/emmanuel-marty/em_inflate (Fast, small, in-memory inflate (zlib, deflate and gzip decompression))
- https://github.com/skadro-official/skCrypter (string crypt)
- https://github.com/hynninen/win-pbkdf2
- https://github.com/K0rz3n/PatchesTester (check system patch info)
- https://github.com/nccgroup/WindowsJobLock (Windows Process Lockdown Tool using Job Objects)
- https://github.com/long123king/TokenInsight
- https://github.com/btbd/access (Access without a real handle)
- https://github.com/CoatiSoftware/Sourcetrail (Source code explorer)
- https://github.com/DoubleLabyrinth/WindowsSudo
- https://github.com/AzureGreen/NetView
- https://github.com/MFCer/AutoUpdate
- https://github.com/ufrisk/LeechCore (Physical Memory Acquisition Library)
- https://github.com/marcosd4h/sysmonx
- https://github.com/Dankirk/RegSLScan
- https://github.com/nogginware/mstscdump
- https://github.com/zodiacon/ApiSetView
- https://github.com/DOGSHITD/SciDetectorApp (SCI)
- https://github.com/DOGSHITD/AcpiTool (ACPI)
- https://github.com/VertexToEdge/WindowFunctionTracer
- https://github.com/sganis/golddrive
- https://github.com/yanncam/exe2powershell
- https://github.com/owodelta/coilgun (Direct API Calling)
- https://github.com/NYAN-x-CAT/Disable-Windows-Defender
- https://github.com/d35ha/CallObfuscator
- https://github.com/zodiacon/RegEditX
- https://github.com/ZhanLang/jcfs (everything)
- https://github.com/ZhanLang/msdk (sdk)
- https://github.com/MiroKaku/ConMon
- https://github.com/SinaKarvandi/Process-Magics
- https://github.com/LoukaMB/ExceptionSupervisor
- https://github.com/zmrbak/PcWeChatHooK
- https://github.com/not-matthias/Nemesis (process dumper)
- https://github.com/QAX-A-Team/EventCleaner
- https://github.com/BlackINT3/none (common lib)
- https://github.com/77Sera/BrowserSecurity
- https://github.com/amitwaisel/Malproxy (Proxy system calls over an RPC channel)
- https://github.com/jnastarot/soul_eater (it can extract functions from .dll, .exe, .sys)
- https://github.com/mtth-bfft/lsobj
- https://github.com/mtth-bfft/ntsec
- https://github.com/fritzone/obfy
- https://github.com/microsoft/NetworkDirect
- https://github.com/jay/gethooks
- https://github.com/laxodev/RAII-WINAPI-Memory-Manager
- https://github.com/hfiref0x/WDExtract
- https://github.com/binbibi/libedge
- https://github.com/bb107/WinSudo
- https://github.com/can1357/WinFaults
- https://github.com/Silica/sandbox
- https://github.com/horsicq/Nauz-File-Detector
- https://github.com/horsicq/xntsv (nt struct)
- https://github.com/jnastarot/shibari (pe+)
- https://github.com/NoMoreFood/WinPriv
- https://github.com/yejiansnake/windows-sys-base
- https://github.com/lifenjoiner/pacdbger
- https://github.com/lifenjoiner/sendto-plus
- https://github.com/billziss-gh/winspd
- https://github.com/ffiirree/Capturer
- https://github.com/Claybird/lhaforge
- https://github.com/jjzhang166/nargnos-WindowsUtil
- https://github.com/cool2528/baiduCDP
- https://github.com/anhkgg/SuperWeChatPC
- https://github.com/Alex3434/GetHDDSerial
- https://github.com/TonyChen56/HackerTools
- https://github.com/libyal/liblnk
- https://github.com/NtRaiseHardError/Kaiser
- https://github.com/mengskysama/V8 (chrome v8 engine)
- https://github.com/locustwei/WorkBack
- https://github.com/360-A-Team/EventCleaner
- https://github.com/Microsoft/Windows-classic-samples
- https://github.com/troldal/OpenXLSX (.xlsx format)
- https://github.com/mity/windrawlib (GDI+ Helper)
- https://github.com/henrypp/errorlookup
- https://github.com/longmode/authzsec-mod-um (AppContainer and ACL)
- https://github.com/henrypp/memreduct
- https://github.com/thomaslaurenson/LiveDiff (live diff)
- https://github.com/thomaslaurenson/CellXML-offreg (hive file parse)
- https://github.com/zhaolong/libparser (static lib parse)
- https://github.com/WildByDesign/Privexec
- https://github.com/KangLin/RabbitIm
- https://github.com/kingsunc/MiniDump
- https://github.com/amdf/reparselib
- https://github.com/Zero3K/connectfusion (download manager)
- https://github.com/Zero3K/ERAM (RAM Disk)
- https://github.com/bailey27/cppcryptfs ( gocryptfs encrypted overlay filesystem)
- https://github.com/etsubu/MacroRecorder (recording keyboard and mouse macros)
- https://github.com/wyrover/CodeLib
- https://github.com/Rprop/CppDLL (dll to .h and lib)
- https://github.com/seledka/syslib
- https://github.com/leecher1337/regremap
- https://github.com/webees/ADkiller
- https://github.com/skysilent/coroutine_study (fiber)
- https://github.com/ruusty/NAntMenu
- https://github.com/chrdavis/PIFShellExtensions
- https://github.com/codepongo/zshellext
- https://github.com/lz77win/lz77win_sources
- https://github.com/Microsoft/perfview
- https://github.com/GameTechDev/PresentMon
- https://github.com/hfiref0x/BSODScreen
- https://github.com/CasualX/LibEx
- https://github.com/syhyz1990/baiduyun
- https://github.com/WalkingCat/SymDiff
- https://github.com/libyal/libevtx
- https://github.com/wanttobeno/Screenshot
- https://github.com/scarsty/tinypot
- https://github.com/jonasblunck/DynHook
- https://github.com/y11en/PEBFake (PEB fake)
- https://github.com/wanttobeno/mousehook (setwindowhook)
- https://github.com/wanttobeno/DXF-Viewer
- https://github.com/wanttobeno/XmlConfigDemo
- https://github.com/wanttobeno/GeneralHashFunctions
- https://github.com/wanttobeno/Chrome-base-cpu
- https://github.com/wanttobeno/stl_util
- https://github.com/wanttobeno/LinkHelper
- https://github.com/wanttobeno/Ring3GetProcessInfo
- https://github.com/zsummer/breeze
- https://github.com/wanttobeno/SoftWareManager
- https://github.com/wanttobeno/GetMacAddress
- https://github.com/wanttobeno/HtmlViewer
- https://github.com/wanttobeno/AltServer
- https://github.com/wanttobeno/GetPeInfo
- https://github.com/wanttobeno/notepad
- https://github.com/wanttobeno/PELearningMaterials
- https://github.com/wanttobeno/Detours_4.0.1
- https://github.com/wanttobeno/skinsb
- https://github.com/wanttobeno/DLib-Attacher
- https://github.com/wanttobeno/VmpHandle
- https://github.com/wanttobeno/ScopeGuard (resource safe delete)
- https://github.com/wanttobeno/HashMapDemo
- https://github.com/wanttobeno/nanob (protobuf)
- https://github.com/wanttobeno/baidu-sofa-pbrpc-win (protobuf)
- https://github.com/xlet/UpdateClient
- https://github.com/wanttobeno/AesFileProtection
- https://github.com/wanttobeno/IeProxy
- https://github.com/wanttobeno/MyProtocol
- https://github.com/wanttobeno/Window_KeyAndMouseHook
- https://github.com/wanttobeno/doublebufferedqueue (double buffered queue)
- https://github.com/DoubleLabyrinth/010Editor-keygen (keygen)
- https://github.com/wanttobeno/Cpp11ThreadPool
- https://github.com/wanttobeno/Study_shellcode (shellcode)
- https://github.com/wanttobeno/Study_algorithm (data struct)
- https://github.com/wanttobeno/ThreadPool
- https://github.com/wanttobeno/Study_threadpool (thread pool)
- https://github.com/wanttobeno/Study_Websocket (websocket)
- https://github.com/Amanieu/asyncplusplus
- https://github.com/wanttobeno/Study_Socket
- https://github.com/wanttobeno/DllProtect
- https://github.com/allenyllee/The-CPUID-Explorer
- https://github.com/wanttobeno/SunDaySearchSignCode
- https://github.com/wanttobeno/x64_AOB_Search (fast search memory algorithm)
- https://github.com/wanttobeno/iQIYI_Web_Video_Upload (http simulate upload)
- https://github.com/wanttobeno/Study_XiaoMi_Login (https simulate login)
- https://github.com/fawdlstty/NetToolbox
- https://github.com/hzqst/FuckCertVerifyTimeValidity
- https://github.com/717021/PCMgr (task manager)
- https://github.com/silverf0x/RpcView (rpc)
- https://github.com/ez8-co/unlocker ()
- https://github.com/nkga/self-updater (framework for secure self-update)
- https://github.com/liamkirton/sslcat (nc with ssl)
- https://github.com/Seineruo/RSA-Tool
- https://github.com/PBfordev/wxAutoExcel
- https://github.com/ax330d/Symex
- https://github.com/Biswa96/PDBDownloader
- https://github.com/Biswa96/TraceEvent
- https://github.com/hfiref0x/Misc
- https://github.com/SergioCalderonR/DelSvc
- https://github.com/wyrover/win-privileges-examples (DACL)
- https://github.com/nccgroup/WindowsDACLEnumProject (DACL)
- https://github.com/xqymain/ServerLocker
- https://github.com/wanttobeno/SunDaySearchSignCode (fast search memory)
- https://github.com/zhongyang219/SimpleNotePad
- https://github.com/zhongyang219/TrafficMonitor
- https://github.com/codereba/data_scrambler (scrambler)
- https://github.com/3gstudent/Catch-specified-file-s-handle (enum file handle)
- https://github.com/intel/safestringlib
- https://github.com/eyusoft/asutlity
- https://github.com/ThomasThelen/BrowserLib
- https://github.com/OSRDrivers/dirchange
- https://github.com/OSRDrivers/deleteex (FileDispositionInfoEx)
- https://github.com/notscimmy/YASS (sig scanner)
- https://github.com/942860759/BrowserHistory
- https://github.com/NoMoreFood/putty-cac
- https://github.com/NoMoreFood/Repacls
- https://github.com/NoMoreFood/WinPriv
- https://github.com/NoMoreFood/Crypture
- https://github.com/Microsoft/winfile
- https://github.com/mullvad/windows-libraries
- https://github.com/wjcsharp/wintools
- https://github.com/nmgwddj/logs-monitor
- https://github.com/nmgwddj/TaskbarTool
- https://github.com/nmgwddj/DevCon
- https://github.com/nmgwddj/SystemProcessInfo
- https://github.com/nmgwddj/ServiceMgr
etw
wsl/unix
- https://github.com/Mermeze/wslam (wsl anti malware)
- https://github.com/Biswa96/WSLInstall
- https://github.com/Biswa96/WslReverse
- https://github.com/Biswa96/XConPty
- https://github.com/mintty/wsltty.appx
device tree
irp monitor
nt crucial modules
windows kernel driver
- https://github.com/yardenshafir/DpcWait (DPC)
- https://github.com/can1357/NtLua (Lua in kernel)
- https://github.com/mrexodia/NtPhp (Php in kernel)
- https://github.com/DownWithUp/CallMon
- https://github.com/BadPlayer555/KernelGDIDraw (GDI)
- https://github.com/alxbrn/km-um-communication
- https://github.com/DavidXanatos/IgnoreACLs
- https://github.com/hfiref0x/KDU (Kernel Driver Utility)
- https://github.com/zhuhuibeishadiao/JunkDriveOpenSource
- https://github.com/dearfuture/DriverTutorial
- https://github.com/G4rb3n/Windows-Driver
- https://github.com/btbd/wpp (Intercepting DeviceControl via WPP)
- https://github.com/maharmstone/smbfs (SMB filesystem driver for Windows)
- https://github.com/maharmstone/btrfs (Windows driver for the next-generation Linux filesystem Btrfs)
- https://github.com/zodiacon/windowskernelprogrammingbook (sample)
- https://github.com/0xcpu/ExecutiveCallbackObjects
- https://github.com/alxbrn/r6s-external-nuklear-socket
- https://github.com/vmcall/dxgkrnl_hook
- https://github.com/alxbrn/kdmapper-1803-1903
- https://github.com/juniorjacob/readwrite-kernel-stable
- https://github.com/mstefanowich/IsFileSigned
- https://github.com/apriorit/antirootkit-anti-splicer
- https://github.com/Mouka-Yang/KernelDriverDemo
- https://github.com/tomLadder/WinLib
- https://github.com/coltonon/MoaRpm
- https://github.com/wanttobeno/ProcessManager_Ring0
- https://github.com/wanttobeno/Win_Driver_Mouse_And_Key
- https://github.com/wanttobeno/Win64DriverStudy_Src
- https://github.com/tdevuser/MalwFinder
- https://github.com/Sqdwr/WriteFile_IRP
- https://github.com/nmgwddj/learn-windows-drivers
- https://github.com/mq1n/EasyRing0
windows kernel driver with c++ runtime
- https://github.com/r1cky33/kernel_gdi_renderer
- https://github.com/haram/kernel_library
- https://github.com/avakar/vcrtl
- https://github.com/ZhanLang/msddk
- https://github.com/DragonQuestHero/Kernel-Force-Delete (force delete file)
- https://github.com/MeeSong/WDKExt
- https://github.com/HoShiMin/Kernel-Bridge (power)
- https://github.com/wjcsharp/Common
- https://github.com/ExpLife/DriverSTL
- https://github.com/sysprogs/BazisLib
- https://github.com/AmrThabet/winSRDF
- https://github.com/sidyhe/dxx
- https://github.com/zer0mem/libc
- https://github.com/eladraz/XDK
- https://github.com/vic4key/Cat-Driver
- https://github.com/AndrewGaspar/km-stl
- https://github.com/zer0mem/KernelProject
- https://github.com/zer0mem/miniCommon
- https://github.com/jackqk/mystudy
- https://github.com/yogendersolanki91/Kernel-Driver-Example
blackbone
- https://github.com/AbinMM/MemDllLoader_Blackbone
- https://github.com/hzqst/unicorn_pe
- https://github.com/nofvcks/AimKit-Pasted-Driver
- https://github.com/alexpsp00/x-elite-loader
- https://github.com/DarthTon/Xenos
- https://github.com/DarthTon/Blackbone
hidinput
- https://github.com/changeofpace/MouHidInputHook
- https://github.com/hawku/TabletDriver
- https://github.com/ViGEm/HidGuardian
- https://github.com/ecologylab/EcoTUIODriver
- https://github.com/djpnewton/vmulti
- https://github.com/duzhi5368/FKHIDKeyboardSimTest (support usb)
- https://github.com/Jehoash/WinIO3.0
dkom
- https://github.com/alal4465/Win_Rootkit (Kernel RAT X86)
- https://github.com/waryas/EUPMAccess
- https://github.com/notscimmy/pplib
- https://blog.csdn.net/zhuhuibeishadiao/article/details/51136650 (get process full path name)
- https://bbs.pediy.com/thread-96427.htm (modify process image name)
- https://github.com/ZhuHuiBeiShaDiao/PathModification
- https://github.com/ZhuHuiBeiShaDiao/NewHideDriverEx
- https://github.com/Sqdwr/HideDriver
- https://github.com/nbqofficial/HideDriver
- https://github.com/landhb/HideProcess
- https://github.com/tfairane/DKOM
ssdt hook
- https://github.com/crvvdev/MasterHide (x64)
- https://github.com/iPower/KasperskyHook
- https://github.com/Sqdwr/64-bits-inserthook
- https://github.com/int0/ProcessIsolator
- https://github.com/mrexodia/TitanHide (x64dbg Plugin)-(DragonQuestHero Suggest)
- https://github.com/papadp/shd
- https://github.com/bronzeMe/SSDT_Hook_x64
- https://github.com/s18leoare/Hackshield-Driver-Bypass
- https://github.com/sincoder/hidedir
- https://github.com/wyrover/HKkernelDbg
- https://github.com/CherryZY/Process_Protect_Module
- https://github.com/weixu8/RegistryMonitor
- https://github.com/nmgwddj/Learn-Windows-Drivers
eat/iat/object/irp/iat hook
- https://github.com/jguo52/IOCTL-hook
- https://github.com/hugsy/CFB (Irp Hook)
- https://github.com/Rat431/ColdKernel_KUSER
- https://github.com/hasherezade/IAT_patcher
- https://github.com/Cyrex1337/hook.lib
- https://github.com/hMihaiDavid/hooks
- https://github.com/Scorbutics/IATHook
- https://github.com/amazadota/AFD-HOOK-
- https://github.com/wyyqyl/HookIAT
- https://github.com/smore007/remote-iat-hook
- https://github.com/m0n0ph1/IAT-Hooking-Revisited
- https://github.com/xiaomagexiao/GameDll
- https://github.com/HollyDi/Ring0Hook
- https://github.com/mgeeky/prc_xchk
- https://github.com/tinysec/iathook
InfinityHook
- https://github.com/p4xon/SyscallHook
- https://yanjuan.xyz/2019/08/syscallhook/
- https://github.com/huoji120/huoji_debuger
- https://github.com/everdox/InfinityHook
inline hook
- https://github.com/adrianyy/kernelhook
- https://github.com/gfreivasc/VMTHook
- https://github.com/zhipeng515/MemberFunctionHook (member function hook)
- https://github.com/windy32/win32-console-hook-lib
- https://github.com/M0rtale/Universal-WndProc-Hook
- https://github.com/a7031x/HookApi
- https://github.com/blaquee/APCHook
- https://github.com/simonberson/ChromeURLSniffer
- https://github.com/codereversing/sehveh_hook
- https://github.com/Matviy/LeagueReplayHook
- https://github.com/jonasblunck/DP
- https://github.com/XBased/xhook
- https://github.com/rokups/hooker
- https://github.com/Ayuto/DynamicHooks
- https://github.com/sincoder/wow64hook
- https://github.com/strobejb/sslhook
- https://github.com/petrgeorgievsky/gtaRenderHook
- https://github.com/WopsS/RenHook
- https://github.com/chinatiny/InlineHookLib (R3 & R0)
- https://github.com/tongzeyu/HookSysenter
- https://github.com/idkwim/frookSINATRA (x64 sysenter hook)
- https://github.com/VideoCardGuy/HideProcessInTaskmgr
- https://github.com/MalwareTech/FstHook
- https://github.com/Menooker/FishHook
- https://github.com/G-E-N-E-S-I-S/latebros
- https://bbs.pediy.com/thread-214582.htm
hook engine
- https://github.com/nektra/Deviare-InProc
- https://github.com/btbd/smap
- https://github.com/gdabah/distormx
- https://github.com/danielkrupinski/vac-hooks
- https://github.com/vol4ok/libsplice (r3 & r0)
- https://github.com/HoShiMin/HookLib (r3 & r0)
- https://github.com/Rebzzel/kiero (d3d hook)
- https://github.com/aschrein/apiparse
- https://github.com/zyantific/zyan-hook-engine
- https://github.com/jonasblunck/DP (com hook)
- https://github.com/jonasblunck/DynHook
- https://github.com/wanttobeno/ADE32_InlineHook
- https://github.com/coltonon/RegHookEx (mid function)
- https://github.com/Synestraa/ArchUltimate.HookLib
- https://github.com/DominicTobias/detourxs
- https://github.com/Ilyatk/HookEngine
- https://github.com/zyantific/zyan-hook-engine
- https://github.com/martona/mhook
- https://github.com/EasyHook/EasyHook
- https://github.com/RelicOfTesla/Detours
- https://github.com/stevemk14ebr/PolyHook
- https://github.com/TsudaKageyu/minhook
- https://github.com/Microsoft/Detours
- https://github.com/Microwave89/ntapihook
anti hook
inject technique (ring0)
- https://github.com/Vicshann/GInjer
- https://github.com/r1cky33/Basic-GUI-Loader
- https://github.com/alxbrn/kernel-injector
- https://github.com/btbd/modmap
- https://github.com/Mecanik/MecanikProcessBreaker
- https://github.com/mactec0/Kernelmode-manual-mapping-through-IAT
- https://github.com/adrianyy/KeInject
- https://github.com/Sqdwr/LoadImageInject
- https://github.com/haidragon/NewInjectDrv
- https://github.com/alex9191/Kernel-dll-injector (DllInjectFromKernel)
- https://github.com/wbenny/keinject (ApcInjectFromKernel)
- https://github.com/repnz/apc-research (APC)
inject technique (ring3)
- https://github.com/Broihon/GH-Injector-Library
- https://github.com/antonioCoco/Mapping-Injection (MapViewOfFile2)
- https://github.com/theevilbit/injection
- https://github.com/SafeBreach-Labs/pinjectra
- https://github.com/odzhan/injection
- https://github.com/M-r-J-o-h-n/SWH-Injector
- https://github.com/nccgroup/ncloader (A session-0 capable dll injection utility)
- https://github.com/vmcall/eye_mapper (BattlEye x64 usermode injector)
- https://github.com/Shaxzy/VibranceInjector
- https://github.com/xiaobo93/UnModule_shellcode_Inject
- https://github.com/Cybellum/DoubleAgent
- https://github.com/realoriginal/reflective-rewrite (InjectFromMemory)
- https://github.com/blaquee/APCHook (apc inject)
- https://github.com/secrary/InjectProc
- https://github.com/ez8-co/yapi (Yet Another Process Injector)
- https://github.com/UserExistsError/InjectDll (InjectFromMemory)
- https://github.com/notscimmy/libinject
- https://github.com/BorjaMerino/tlsInjector (tls)
- https://github.com/BorjaMerino/Pazuzu (InjectFromMemory)
- https://github.com/strobejb/injdll
- https://github.com/strivexjun/DriverInjectDll (MapInjectDll)
- https://github.com/sud0loo/ProcessInjection
- https://github.com/apriorit/SvcHostDemo
- https://github.com/can1357/ThePerfectInjector
- https://github.com/VideoCardGuy/X64Injector
- https://github.com/papadp/reflective-injection-detection (InjectFromMemory)
- https://github.com/psmitty7373/eif (InjectFromMemory)
- https://github.com/rokups/ReflectiveLdr (InjectFromMemory)
- https://github.com/BenjaminSoelberg/ReflectivePELoader (InjectFromMemory)
- https://github.com/NtRaiseHardError/Phage (InjectFromMemory)
- https://github.com/dismantl/ImprovedReflectiveDLLInjection (InjectFromMemory)
- https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher (InjectFromMemory)
- https://github.com/amishsecurity/paythepony (InjectFromMemory)
- https://github.com/deroko/activationcontexthook
- https://github.com/ez8-co/yapi (Cross x86 & x64 injection)
- https://github.com/georgenicolaou/HeavenInjector
- https://github.com/tinysec/runwithdll
- https://github.com/NtOpcode/NT-APC-Injector
- https://github.com/caidongyun/WinCodeInjection
- https://github.com/countercept/doublepulsar-usermode-injector
- https://github.com/mq1n/DLLThreadInjectionDetector
- https://github.com/hkhk366/Memory_Codes_Injection
- https://github.com/chango77747/ShellCodeInjector_MsBuild
- https://github.com/Zer0Mem0ry/ManualMap
- https://github.com/secrary/InfectPE
- https://github.com/zodiacon/DllInjectionWithThreadContext
- https://github.com/NtOpcode/RtlCreateUserThread-DLL-Injection
- https://github.com/hasherezade/chimera_loader
- https://github.com/Ciantic/RemoteThreader
- https://github.com/OlSut/Kinject-x64
- https://github.com/tandasat/RemoteWriteMonitor
- https://github.com/stormshield/Beholder-Win32
- https://github.com/secrary/InjectProc
- https://github.com/AzureGreen/InjectCollection
- https://github.com/uItra/Injectora
- https://github.com/rootm0s/Injectors
- https://github.com/Spajed/processrefund
- https://github.com/al-homedawy/InjecTOR
- https://github.com/OlSut/Kinject-x64
- https://github.com/stormshield/Beholder-Win32
- https://github.com/yifiHeaven/MagicWall
WoW64 <-> x64
- https://github.com/wolk-1024/WoW64Utils
- https://github.com/dadas190/Heavens-Gate-2.0
- https://github.com/leecher1337/ntvdmx64
- https://github.com/hyzhangzhy/WindowX
- https://github.com/georgenicolaou/HeavenInjector
- https://github.com/georgenicolaou/W64oWoW64
- https://github.com/Rprop/X86Call
- https://github.com/rwfpl/rewolf-wow64ext
- https://github.com/ovidiuvio/libntdbg
- https://github.com/haidragon/x86tox64
- https://github.com/3gstudent/CreateRemoteThread
- https://github.com/RaMMicHaeL/Textify
anti autorun
anti dll inject
- https://0cch.com/2015/04/10/e998b2e6ada2global-windows-hookse6b3a8e585a5e79a84e4b880e4b8aae696b9e6b395/ (global hook)
- https://blog.csdn.net/songjinshi/article/details/7808561 (message hook)
- https://blog.csdn.net/songjinshi/article/details/7808624 (message hook)
- https://github.com/mq1n/DLLThreadInjectionDetector
- https://github.com/analyst004/antinject
- https://github.com/ExpLife/BotKiller
load Dll from memory
- https://github.com/hasherezade/module_overloading
- https://github.com/UserExistsError/DllLoaderShellcode
- https://github.com/jnastarot/native_peloader
- https://github.com/fancycode/MemoryModule
- https://github.com/strivexjun/MemoryModulePP
Unpack dll load in runtime
dll hijack
- https://github.com/itm4n/CDPSvcDllHijacking
- https://github.com/Cybereason/siofra (identify and exploit)
- https://github.com/anhkgg/SuperDllHijack
- https://github.com/strivexjun/AheadLib-x86-x64
- https://github.com/zeffy/proxydll_template
com hijack
anti dll hijack
process hollowing
- https://github.com/xfgryujk/InjectExe
- https://github.com/m0n0ph1/Basic-File-Crypter
- https://github.com/Spajed/processrefund
- https://github.com/KernelMode/Process_Doppelganging
- https://github.com/hasherezade/process_doppelganging
- https://github.com/m0n0ph1/Process-Hollowing
- https://github.com/KernelMode/RunPE-ProcessHollowing
- https://github.com/KernelMode/RunPE_Detecter
pe loader
memory pe dumper
dll map detection
dll to shellcode
dll to exe
hide process
hide & delete dll
load driver from memory
- https://github.com/rogerxiii/kernel-codecave-poc
- https://github.com/ZhuHuiBeiShaDiao/DriverMaper
- https://github.com/fadetrack/KernelMemoryModule (Enable Exception)
- https://github.com/not-wlan/driver-hijack
- https://github.com/Professor-plum/Reflective-Driver-Loader
bypass memory scanner
KeUserModeCallBack
callback
- https://github.com/Vicshann/PEProtectDrv
- https://github.com/fdiskyou/windows-ps-callbacks-experiments
- https://github.com/maxkray13/Cvc (Communication via callback)
- https://github.com/socjordi/sauron
- https://github.com/OSRDrivers/kmexts (callbacks)
- https://github.com/godaddy/procfilter (yara-integrated)
- https://github.com/McSimp/unfairplay
- https://github.com/jjdredd/procsentinel (verify the address space of a process)
- https://github.com/SanseoLab/simpleAVdriver
- https://github.com/SanseoLab/ProcLogger
- https://github.com/notscimmy/libelevate
- https://github.com/ZhuHuiBeiShaDiao/ObRegisterCallBacksByPass
- https://github.com/Sqdwr/RemoveCallBacks
- https://github.com/JKornev/hidden
- https://github.com/binbibi/CallbackEx
- https://github.com/swwwolf/cbtest
- https://github.com/nmgwddj/Learn-Windows-Drivers
- https://github.com/SamLarenN/CallbackDisabler
keyboard filter
usb filter
sfilter
minifilter
- https://github.com/lxt1045/FileLogger
- https://github.com/vitalikpi/FileWall
- https://github.com/Mermeze/System-Monitor
- https://github.com/cn505240/lightweight-reactive-snapshot-service
- https://github.com/aviadyifrah/NAGuard
- https://github.com/y0n0622/DriversCode
- https://github.com/NotSurprised/MiniLogger
- https://github.com/hidd3ncod3s/hipara
- https://github.com/NtRaiseHardError/Providence
- https://github.com/maaaaz/mimicertz
- https://github.com/MUmesha/SecureFile
- https://github.com/anystayisjk/WordEncrypt
- https://github.com/anystayisjk/EncryptEngine
- https://github.com/yedushusheng/FileEncryption
- https://github.com/JokerMars/engine
- https://github.com/icedxu/Monitor
- https://github.com/smartinm/diskcryptor (disk encrypt)
- https://github.com/hedgeh/SEWindows (HIPS)
- https://github.com/474172261/DataProtector
- https://github.com/CynicalApe/Minifilter-CSHARP-ConsoleApp
- https://github.com/NtRaiseHardError/Anti-Delete (File anti delete)
- https://github.com/Randomize163/FSDefender
- https://github.com/ETEFS/ETEFS_Mini
- https://github.com/gfleury/ProtegeDados_ProjetoFinal
- https://github.com/denisvieriu/Portable-Executable-Minifilter-Driver
- https://github.com/surajfale/passthrough-minifilter-driver
- https://github.com/louk78/Virgo
- https://github.com/tandasat/Scavenger
- https://github.com/dubeyprateek/HideFiles
- https://github.com/aleksk/LazyCopy
- https://github.com/guidoreina/minivers
- https://github.com/idkwim/mfd
- https://github.com/Coxious/Antinvader
- https://github.com/tandasat/Scavenger
- https://github.com/fishfly/X70FSD
- https://github.com/ExpLife/BKAV.Filter
anti Ransomware
- https://github.com/NtRaiseHardError/Antimalware-Research
- https://github.com/clavis0x/AntiRansomware
- https://github.com/DecryptoniteTeam/Decryptonite
- https://github.com/ofercas/ransomware_begone
virtual disk
- https://github.com/zhaozhongshu/winvblock_vs
- https://github.com/yogendersolanki91/Kernel-Driver-Example
virtual file system
- https://github.com/ufrisk/MemProcFS (The Memory Process File System)
- https://github.com/TanninOne/usvfs
- https://github.com/ExpLife/CodeUMVFS
- https://github.com/yogendersolanki91/ProcessFileSystem
- https://github.com/BenjaminKim/dokanx
lpc
alpc
lsp/spi
afd
- https://github.com/batteryshark/AfdProxy
- https://github.com/xiaomagexiao/GameDll
- https://github.com/DeDf/afd
- https://github.com/a252293079/NProxy
tdi
- https://github.com/wanttobeno/wmifilter
- https://github.com/xue-blood/adfilter
- https://github.com/alex9191/NetDriver (send & receive HTTP requests)
- https://github.com/alex9191/ZeroBank-ring0-bundle
- https://github.com/Sha0/winvblock
- https://github.com/michael4338/TDI
- https://github.com/cullengao/tdi_monitor
- https://github.com/uniking/TDI-Demo
- https://github.com/codereba/netmon
wfp
- https://github.com/jellever/StreamDivert
- https://github.com/gifur/NetworkMnt
- https://github.com/guidoreina/http_inspect
- https://github.com/ZhanLang/netmonsys
- https://github.com/reinhardvz/enumwfp
- https://github.com/BOT-Man-JL/WFP-Traffic-Redirection-Driver
- https://github.com/henrypp/simplewall
- https://github.com/dfct/PortMapper (Port Map)
- https://github.com/TinkerBravo/WFPKit
- https://github.com/Arno0x/DivertTCPconn
- https://github.com/mullvad/libwfp
- https://github.com/gifur/NetworkMnt
- https://github.com/ss-abramchuk/OpenVPNAdapter/blob/f016614ed3dec30672e4f1821344b7992825a98d/OpenVPN%20Adapter/Vendors/openvpn/openvpn/tun/win/wfp.hpp
- https://github.com/itari/vapu
- https://github.com/ValdikSS/GoodbyeDPI
- https://github.com/basil00/Divert
- https://github.com/WPO-Foundation/win-shaper
- https://github.com/raymon-tian/WFPFirewall
- https://github.com/killbug2004/HashFilter
- https://github.com/henrypp/simplewall
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp
- https://github.com/thecybermind/ipredir
ndis
- https://github.com/pr0v3rbs/MalSiteBlocker
- https://github.com/Beamer-LB/netmap/tree/stable/WINDOWS
- https://github.com/ndemarinis/ovs/tree/22a1ba42f8137cd3532b54880b19b51d4b87440d/datapath-windows/ovsext
- https://github.com/markjandrews/CodeMachineCourse/tree/5473d4ea808791c2a048f2c8c9c86f011a6da5e8/source/kerrkt.labs/labs/NdisLwf
- https://github.com/openthread/openthread/tree/master/examples/drivers/windows
- https://github.com/Hartigan/Firewall
- https://github.com/zy520321/ndis-filter
- https://github.com/yuanmaomao/NDIS_Firewall
- https://github.com/SoftEtherVPN/Win10Pcap
- https://github.com/IsoGrid/NdisProtocol
- https://github.com/lcxl/lcxl-net-loader
- https://www.ntkernel.com/windows-packet-filter/
- https://github.com/michael4338/NDIS
- https://github.com/IAmAnubhavSaini/ndislwf
- https://github.com/OpenVPN/tap-windows6
- https://github.com/SageAxcess/pcap-ndis6
- https://github.com/uniking/NDIS-Demo
- https://github.com/mkdym/NDISDriverInst
- https://github.com/debugfan/packetprot
- https://github.com/Iamgublin/NDIS6.30-NetMonitor
- https://github.com/nmap/npcap
- https://github.com/Ltangjian/FireWall
- https://github.com/Microsoft/Windows-driver-samples/tree/master/network/config/bindview
- https://github.com/brorica/http_inject (winpcap)
game accelerator
wsk
- https://github.com/adrianyy/rw_socket_driver
- https://github.com/wbenny/KSOCKET
- https://github.com/xalley/WskHttp
- https://github.com/reinhardvz/wsk
- https://github.com/akayn/kbMon
- https://github.com/02strich/audionet
- https://github.com/mestefy/securityplus
- https://github.com/skycipher/CNGProvider
rootkits
- https://github.com/jguo52/NtCompareSigningLevel-hook (NtCompareSigningLevels)
- https://github.com/bytecode77/living-off-the-land (fileless)
- https://github.com/D4stiny/spectre
- https://github.com/thesecretclub/window_hijack
- https://github.com/Mr-Un1k0d3r/SCShell
- https://github.com/realoriginal/doublepulsar-poc
- https://github.com/zouxianyu/PhysicalMemoryRW
- https://github.com/zouxianyu/KernelHiddenExecute
- https://github.com/isoadam/gina_public
- https://github.com/GayPig/driverless-basic-driver
- https://github.com/zerosum0x0/smbdoor
- https://github.com/Alex3434/wmi-static-spoofer
- https://github.com/KIDofot/BypassDriverDetection_And_Kill360Process
- https://github.com/longmode/UTKModule
- https://github.com/nkga/cheat-driver (read/write memory of arbitrary processes)
- https://github.com/lantaoxu/HWIDFaker (hwid fake)
- https://github.com/zerosum0x0/puppetstrings
- https://github.com/Synestraa/Highcall-Library (Highcall)
- https://github.com/Microwave89/drvtricks
- https://github.com/Psychotropos/xhunter1_privesc (XIGNCODE3)
- https://github.com/ionescu007/r0ak (RWE)
- https://github.com/cyberweapons/cyberweapons
- https://github.com/huoji120/AV-Killer
- https://github.com/Sqdwr/DeleteFile
- https://github.com/Sqdwr/DeleteFileByCreateIrp
- https://github.com/Mattiwatti/PPLKiller
- https://github.com/bfosterjr/ci_mod
- https://github.com/HoShiMin/EnjoyTheRing0
- https://github.com/hfiref0x/ZeroAccess
- https://github.com/hackedteam/driver-win32
- https://github.com/hackedteam/driver-win64
- https://github.com/csurage/Rootkit
- https://github.com/bowlofstew/rootkit.com
- https://github.com/Nervous/GreenKit-Rootkit
- https://github.com/bytecode-77/r77-rootkit
- https://github.com/Cr4sh/WindowsRegistryRootkit
- https://github.com/Alifcccccc/Windows-Rootkits
- https://github.com/Schnocker/NoEye
- https://github.com/christian-roggia/open-myrtus
- https://github.com/Cr4sh/DrvHide-PoC
- https://github.com/mstefanowich/SquiddlyDiddly2
- https://github.com/MalwareTech/FakeMBR
- https://github.com/Cr4sh/PTBypass-PoC
- https://github.com/psaneme/Kung-Fu-Malware
- https://github.com/hasherezade/persistence_demos
- https://github.com/MinhasKamal/TrojanCockroach
- https://github.com/akayn/kbMon
mbr
bootkits
- https://github.com/btbd/umap
- https://github.com/DeviceObject/rk2017
- https://github.com/DeviceObject/ChangeDiskSector
- https://github.com/DeviceObject/Uefi_HelloWorld
- https://github.com/DeviceObject/ShitDrv
- https://github.com/DeviceObject/DarkCloud
- https://github.com/nyx0/Rovnix
- https://github.com/MalwareTech/TinyXPB
- https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit
- https://github.com/NextSecurity/Gozi-MBR-rootkit
- https://github.com/NextSecurity/vector-edk
- https://github.com/ahixon/booty
uefi/smm
- https://github.com/SunnyKi/bareBoot
- https://github.com/DeviceObject/Uefi_HelloWorld
- https://github.com/LongSoft/UEFITool
- https://github.com/dude719/UEFI-Bootkit
- https://github.com/quarkslab/dreamboot
- https://github.com/gyje/BIOS_Rootkit
- https://github.com/scumjr/the-sea-watcher
- https://github.com/zhuyue1314/stoned-UEFI-bootkit
- https://github.com/hackedteam/vector-edk
- https://github.com/Cr4sh/SmmBackdoor
- https://github.com/Cr4sh/PeiBackdoor
- https://github.com/Cr4sh/fwexpl
bootloader
smc
anti debug
- https://github.com/sharepub/CheckVM-Sandbox
- https://github.com/nihilboy/anti
- https://github.com/atlantis2013/Evasion-Tools
- https://github.com/AlicanAkyol/sems
- https://github.com/strivexjun/XAntiDebug
- https://github.com/marcusbotacin/Anti.Analysis
- https://github.com/LordNoteworthy/al-khaser
- https://github.com/eschweiler/ProReversing
crypters
malware
- https://github.com/Freakboy/CobaltStrike
- https://github.com/vxunderground/Vx-Engines
- https://github.com/rokups/virtual-reality (backdoor)
- https://github.com/InQuest/malware-samples
- https://github.com/mstfknn/malware-sample-library
- https://github.com/Darkabode/possessor
- https://github.com/Darkabode/zerokit
- https://github.com/NYAN-x-CAT/AsyncRAT-C-Sharp (C#)
- https://github.com/zerosum0x0/koadic (JScript RAT)
- https://github.com/malwaredllc/bamf
- https://github.com/malwaredllc/byob (py)
- https://github.com/fereh/tacekit
- https://github.com/eset/malware-ioc
- https://github.com/lianglixin/RemoteControl-X3
- https://github.com/Souhardya/UBoat (HTTP)
- https://github.com/malwares/Botnet
- https://github.com/RafaelGSS/HyzMall
- https://github.com/DeadNumbers/Pegasus
- https://github.com/mdsecactivebreach/SharpShooter
- https://github.com/mwsrc/XtremeRAT
- https://github.com/mwsrc/Schwarze-Sonne-RAT (delphi)
- https://github.com/Mr-Un1k0d3r/ThunderShell (powershell)
- https://github.com/DimChris0/LoRa
- https://github.com/marcusbotacin/Malware.Multicore
- https://github.com/bxlcity/malware
- https://github.com/grcasanova/SuperVirus
- https://github.com/hackedteam/core-win32
- https://github.com/hackedteam/scout-win
- https://github.com/hackedteam/vector-dropper
EternalBlue && Doublepulsar && Mine
shellcode analysis
malware analysis
- https://github.com/huoji120/DuckMemoryScan
- https://github.com/JPCERTCC/EmoCheck
- https://github.com/G4rb3n/Malware-Killer
- https://github.com/G4rb3n/Malware-Picture
- https://github.com/a232319779/mmdt
- https://github.com/Formyown/Alesense-Antivirus (nice demo)
- https://github.com/ctxis/capemon (Config And Payload Extraction)
- https://github.com/tdevuser/MalwFinder
- https://github.com/MalwareCantFly/Vba2Graph
- https://github.com/unexpectedBy/Automated-Malware-Analysis-List
- https://github.com/wchen-r7/amsiscanner (Microsoft's Antimalware Scan Interface)
- https://github.com/ctxis/capemon
- https://github.com/kevthehermit/RATDecoders
- https://github.com/marcusbotacin/Malware.Variants
- https://github.com/marcusbotacin/Hardware-Assisted-AV
- https://github.com/gentilkiwi/spectre_meltdown
- https://github.com/gentilkiwi/wanadecrypt
- https://github.com/bloomer1016
- https://github.com/CHEF-KOCH/malware-research
- https://github.com/gentilkiwi/wanakiwi
av evasion
- https://github.com/sv3nbeast/ImgLoaderShellCode
- https://github.com/ReddyyZ/GhostShell
- https://github.com/nccgroup/Winpayloads
- https://github.com/TideSec/BypassAntiVirus
- https://github.com/jthuraisamy/SysWhispers
- https://github.com/huoji120/Antivirus_R3_bypass_demo
- https://github.com/paranoidninja/CarbonCopy
arktools
- https://github.com/D4stiny/PeaceMaker (detects advanced techniques used by malware)
- https://github.com/MHaggis/sysmon-dfir (sysmon)
- https://github.com/antiwar3/py
- https://github.com/weixu8/pcmonitor (kpolarssl)
- https://github.com/mohuihui/antispy
- https://github.com/DavidXanatos/TaskExplorer
- https://github.com/BlackINT3/OpenArk
- https://github.com/basketwill/Sysmon_reverse
- https://github.com/ZhuHuiBeiShaDiao/KernelHooksDetection_x64
- https://github.com/AxtMueller/Windows-Kernel-Explorer
- https://github.com/hedgeh/SEWindows (doc:hedgeh.github.io/startup.html)
- https://github.com/glmcdona/MALM
- https://github.com/ahmad-siavashi/Ana-Process-Explorer
- https://github.com/alex9191/KernelModeMonitor
- https://github.com/marcosd4h/memhunter
- https://github.com/gleeda/memtriage
- https://github.com/KernelMode/Process_Dop
- https://github.com/hm200958/kmdf--analyse
- https://github.com/AzureGreen/WinNT-Learning
- https://github.com/marcusbotacin/BranchMonitoringProject
- https://github.com/AzureGreen/ArkProtect
- https://github.com/AzureGreen/ArkToolDrv
- https://github.com/HollyDi/PCAssistant
- https://github.com/ChengChengCC/Ark-tools
- https://github.com/swatkat/arkitlib
- https://github.com/swwwolf/wdbgark
- https://github.com/zibility/Anti-Rootkits
- https://github.com/SLAUC91/AntiCheat
- https://github.com/sincoder/A-Protect
- https://github.com/apriorit/antirootkit-anti-splicer
- https://github.com/kedebug/ScDetective
- https://github.com/PKRoma/ProcessHacker
- https://github.com/AndreyBazhan/DbgExt
- https://github.com/comaeio/SwishDbgExt
- https://github.com/ExpLife/atomic-red-team
- https://github.com/shenghe/pcmanager
- https://github.com/lj1987new/guardlite
- https://github.com/hackshields/antivirus/
- https://github.com/AntiRootkit/BDArkit
EDR
- https://github.com/jthuraisamy/TelemetrySourcerer
- https://github.com/ION28/BLUESPAWN
- https://github.com/ComodoSecurity/openedr
bypass patchguard
- https://github.com/zhuhuibeishadiao/PatchGuardResearch
- https://github.com/can1357/ByePg
- https://github.com/zzhouhe/PG1903
- https://github.com/9176324/Shark
- https://github.com/hfiref0x/UPGDSED
- https://github.com/tandasat/PgResarch
- https://github.com/killvxk/DisableWin10PatchguardPoc
- https://github.com/tandasat/findpg
- https://github.com/zer0mem/HowToBoostPatchGuard
- https://bbs.pediy.com/thread-214582.htm
bypass dse
- https://github.com/alxbrn/gdrv-loader
- https://github.com/Mattiwatti/EfiGuard
- https://github.com/hfiref0x/TDL
- https://github.com/hfiref0x/DSEFix
HackSysExtremeVulnerableDriver
- https://github.com/redogwu/windows_kernel_exploit
- https://github.com/mgeeky/HEVD_Kernel_Exploit
- https://www.fuzzysecurity.com/tutorials.html
- https://rootkits.xyz/blog/
- https://github.com/hacksysteam/HackSysExtremeVulnerableDriver
- https://github.com/k0keoyo/HEVD-Double-Free-PoC
- https://github.com/k0keoyo/HEVD-Arbitrary-Overwrite-Exploit-Win10-rs3
- https://github.com/tekwizz123/HEVD-Exploit-Solutions
- https://github.com/k0keoyo/try_exploit
- https://github.com/Cn33liz/HSEVD-VariousExploits
- https://github.com/Cn33liz/HSEVD-StackOverflow
- https://github.com/Cn33liz/HSEVD-StackOverflowX64
- https://github.com/Cn33liz/HSEVD-StackCookieBypass
- https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteGDI
- https://github.com/Cn33liz/HSEVD-StackOverflowGDI
- https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL
- https://github.com/Cn33liz/HSEVD-ArbitraryOverwrite
- https://github.com/akayn/demos
windows exploits
- https://github.com/peleghd/Windows-10-Exploitation
- https://github.com/NAXG/cve_2019_0708_bluekeep_rce (RDP)
- https://github.com/wchen-r7/VulnCases (cases)
- https://github.com/rockmelodies/CVE-2019-0708-Exploit (RDP)
- https://github.com/admintony/svnExploit
- https://github.com/smgorelik/Windows-RCE-exploits
- https://github.com/WindowsExploits/Exploits
- https://github.com/codewhitesec/UnmarshalPwn
- https://github.com/shellphish/how2heap
- https://github.com/externalist/exploit_playground
- https://github.com/cervoise/Abuse-bash-for-windows
linux exploits
windows kernel exploits
- https://github.com/bluefrostsecurity/Meltdown-KVA-Shadow-Leak (Meltdown Reloaded: Breaking Windows KASLR by Leaking KVA Shadow Mappings)
- https://github.com/synacktiv/Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion
- https://github.com/gdabah/win32k-bugs
- https://github.com/SouhailHammou/Drivers (ATP bypass)
- https://www.unknowncheats.me/forum/anti-cheat-bypass/334557-vulnerable-driver-megathread.html?nsukey=CkSGplDUMAWaGbr8btXXDeNqNyzCau83773dZHbUgTD2KbfFsN4ReqwwjwB1TE2jjUz0HHSUQSrvX7JZ%2BtA0RPQFg5pWsGwlyCVT6EW1cF8Y%2BDfa%2Fd8KHdi%2FFG5mj6oTcKaCfR%2BQmUANoXeWHbzursQ68JQdcT5zfCKwgR7ZutAla5N%2FHH8448BpwB4nKJuBB0ns7Ex0vVB7O8j%2BkcFaug%3D%3D
- https://github.com/n3k/EKOParty2015_Windows_SMEP_Bypass (SEMP bypass)
- https://github.com/saaramar/execve_exploit (WSL)
- https://github.com/siberas/CVE-2016-3309_Reloaded
- https://github.com/moccajoghurt/drvmap_secure
- https://github.com/fishstiqz/poolinfo
- https://github.com/cbayet/Exploit-CVE-2017-6008
- https://github.com/cbayet/PoolSprayer (pool spray)
- https://github.com/DownWithUp/CVE-2018-15499 (race condition)
- https://github.com/SandboxEscaper/randomrepo (win10 LPE)
- https://github.com/jackson5-sec/TaskSchedLPE (LPE)
- https://github.com/HarsaroopDhillon/AHNLab-0day(LPE)
- https://github.com/paranoidninja/Pandoras-Box
- https://github.com/MarkHC/HandleMaster
- https://github.com/can1357/physical_mem_controller
- https://github.com/can1357/safe_capcom
- https://github.com/can1357/CVE-2018-8897
- https://github.com/JeremyFetiveau/Exploits
- https://github.com/hfiref0x/Stryker
- https://github.com/swwwolf/obderef
- https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
- https://github.com/cbayet/PoolSprayer
- https://github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC
- https://github.com/k0keoyo/Driver-Loaded-PoC
- https://github.com/k0keoyo/try_exploit
- https://github.com/k0keoyo/CVE-2015-2546-Exploit
- https://github.com/k0keoyo/Dark_Composition_case_study_Integer_Overflow
- https://github.com/tinysec/vulnerability
- https://github.com/akayn/demos
- https://github.com/abatchy17/WindowsExploits
- https://github.com/recodeking/WindowsExploitation
- https://github.com/GDSSecurity/Windows-Exploit-Suggester
- https://github.com/rwfpl/rewolf-pcausa-exploit
- https://github.com/ratty3697/HackSpy-Trojan-Exploit
- https://github.com/SecWiki/windows-kernel-exploits
- https://github.com/sensepost/ms16-098
- https://github.com/shjalayeri/sysret
- https://github.com/sam-b/windows_kernel_resources
- https://github.com/sensepost/gdi-palettes-exp
- https://github.com/ExpLife/ByPassCfg
- https://github.com/Rootkitsmm/WinIo-Vidix
- https://github.com/andrewkabai/vulnwindrv
- https://github.com/mwrlabs/CVE-2016-7255
- https://github.com/MarkHC/HandleMaster
- https://github.com/SamLarenN/CapcomDKOM
- https://github.com/zerosum0x0/puppetstrings
- https://github.com/zerosum0x0/ShellcodeDriver
- https://github.com/Rootkitsmm/WinIo-Vidix
- https://github.com/progmboy/kernel_vul_poc
- https://github.com/rwfpl/rewolf-msi-exploit
- https://github.com/rwfpl/rewolf-pcausa-exploit
- https://github.com/Rootkitsmm/Win10Pcap-Exploit
- https://github.com/Rootkitsmm/MS15-061
- https://github.com/Rootkitsmm/cve-2016-0040
- https://github.com/Rootkitsmm/CVEXX-XX
- https://github.com/sensepost/ms16-098
- https://github.com/Trietptm-on-Security/bug-free-adventure
- https://github.com/sam-b/CVE-2014-4113
- https://github.com/Rootkitsmm/OpenVpn-Pool-Overflow
- https://github.com/Rootkitsmm/UnThreatAVDriver-DOS
- https://github.com/Cr4sh/ThinkPwn
- https://github.com/hfiref0x/CVE-2015-1701
- https://github.com/tyranid/windows-logical-eop-workshop
- https://github.com/google/sandbox-attacksurface-analysis-tools
- https://github.com/tyranid/ExploitRemotingService
- https://github.com/tyranid/DeviceGuardBypasses
- https://github.com/tyranid/ExploitDotNetDCOM
- https://github.com/hatRiot/token-priv(EOP)
- https://github.com/weizn11/MS17010_AllInOne
- https://github.com/TeskeVirtualSystem/MS17010Test
race condition
LPE
- https://github.com/itm4n/PrintSpoofer
- https://github.com/yusufqk/SystemToken
- https://github.com/itm4n/UsoDllLoader
- https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation
- https://github.com/AlessandroZ/BeRoot
- https://github.com/HackerPide/The-Division-Bypass (division bypass)
- https://github.com/khr0x40sh/WhiteListEvasion
- https://github.com/ohpe/juicy-potato
- https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897
- https://github.com/codewhitesec/UnmarshalPwn
- https://ohpe.github.io/juicy-potato/
linux exploit
office exploit
flash exploit
sandbox
sandbox escape
- https://github.com/b4rtik/ATPMiniDump
- https://github.com/ray-cp/vm-escape
- https://github.com/xairy/vmware-exploitation
- https://github.com/649/Chrome-Sandbox-Exploit
- https://github.com/SilverMoonSecurity/SandboxEvasion
- https://github.com/exAphex/SandboxEscape
- https://github.com/Fel0ny/Sandbox-Detection
- https://github.com/CheckPointSW/InviZzzible
- https://github.com/MalwareTech/AppContainerSandbox
- https://github.com/tyranid/IE11SandboxEscapes
- https://github.com/649/Chrome-Sandbox-Exploit
- https://github.com/google/sandbox-attacksurface-analysis-tools
- https://github.com/conix-security/zer0m0n
- https://github.com/iceb0y/windows-container
- https://github.com/s7ephen/SandKit
- https://github.com/D4Vinci/Dr0p1t-Framework
- https://github.com/cryptolok/MorphAES
- https://github.com/mtalbi/vm_escape
- https://github.com/unamer/vmware_escape
- https://github.com/erezto/lua-sandbox-escape
- https://github.com/brownbelt/Edge-sandbox-escape
- https://github.com/shakenetwork/vmware_escape
- https://github.com/Cr4sh/prl_guest_to_host
anti exploit
- https://github.com/shjalayeri/Pwnypot
- https://github.com/shjalayeri/MCEDP
- https://github.com/Empier/Anti-Exploit
cve
- https://github.com/yardenshafir/CVE-2020-1034
- https://github.com/ioncodes/CVE-2020-16938
- https://github.com/Ascotbe/Kernelhub
- https://github.com/DownWithUp/CVE-Stockpile
- https://github.com/ollypwn/CVE-2020-0601
- https://github.com/bluefrostsecurity/CVE-2019-1215 (LPE)
- https://github.com/apt69/COMahawk
- https://github.com/DownWithUp/CVE-Stockpile
- https://github.com/badd1e/Disclosures
- https://github.com/Barakat/CVE-2019-16098 (LPE)
- https://github.com/qazbnm456/awesome-cve-poc#cve-2016-3088
- https://github.com/Vlad-tri/CVE-2019-1132
- https://github.com/RingLcy/VulnerabilityAnalysisAndExploit
- https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453
- https://github.com/o0xmuhe/RealWorldPwn
- https://github.com/sophoslabs/CVE-2019-0888 (ADO UAF)
- https://github.com/Iamgublin/CVE-2019-0803 (LPE)
- https://github.com/ze0r/cve-2019-0808-poc
- https://github.com/Ridter/acefile
- https://github.com/Ridter/Exchange2domain
- https://github.com/ze0r/cve-2018-8453-exp
- https://github.com/gravitational/cve-2018-1002105
- https://github.com/LyleMi/dom-vuln-db
- https://github.com/renorobert/virtualbox-cve-2018-2844
- https://github.com/LiuCan01/cve-list-pro
- https://github.com/CVEProject/cvelist
hips
- https://github.com/secrary/DrSemu
- https://github.com/godaddy/procfilter
- https://github.com/BrunoMCBraga/Kernel-Whisperer
- https://malwaretips.com/threads/av-self-protection-process-c-c.66200/
- https://github.com/zareprj/JAV-AV-Engine
- https://github.com/0xdabbad00/OpenHIPS
- https://github.com/ExpLife/Norton_AntiVirus_SourceCode
- https://github.com/majian55555/MJAntiVirusEngine
- https://github.com/develbranch/TinyAntivirus
- https://github.com/tandasat/EopMon
- https://github.com/tandasat/MemoryMon
windows hypervisor
- https://github.com/FoxHex0ne/HyperViper
- https://github.com/comaeio/LiveCloudKd
- https://github.com/0vercl0k/pywinhv
- https://github.com/gamozolabs/falkervisor_grilled_cheese
- https://github.com/redogwu/hyper-v
- https://github.com/Ekrte/hithithit
- https://github.com/Microsoft/FirewallEventMonitor
- https://github.com/ionescu007/Simpleator
- https://github.com/StrikerX3/whvpclient
kvm
vt
- https://github.com/amiryeshurun/HyperWin
- https://github.com/sooqua/VanderLeague (hack lol)
- https://github.com/cyberus-technology/hedron.git
- https://github.com/kukrimate/grr
- https://github.com/hvmi/hvmi
- https://github.com/napocahv/napoca
- https://github.com/SinaKarvandi/HyperDbg
- https://github.com/jonomango/mango-library (🥭windows memory library aimed towards game hacking)
- https://github.com/chillancezen/ZeldaOS.x86_64
- https://github.com/9176324/Daat
- https://github.com/eyalz800/zpp_hypervisor
- https://github.com/stonedreamforest/Mirage
- https://github.com/IgorKorkin/MemoryRanger
- https://github.com/hrbust86/SvmNest
- https://github.com/Kelvinhack/DeviceMon
- https://github.com/Kelvinhack/NoTruth
- https://github.com/udosteinberg/NOVA
- https://github.com/changeofpace/VivienneVMM (stealthy debugging framework)
- https://github.com/tklengyel/drakvuf
- https://github.com/gamozolabs/applepie
- https://github.com/haidragon/newbluepill
- https://github.com/Gbps/gbhv
- https://github.com/ionescu007/SimpleVisor
- https://github.com/xdel/bluepillstudy
- https://github.com/SinaKarvandi/Hypervisor-From-Scratch
- https://github.com/wbenny/hvpp
- https://github.com/Sqdwr/Multi_CPU_VtBase
- https://github.com/marche147/IoctlMon
- https://github.com/ionescu007/SimpleVisor
- https://github.com/zer0mem/MiniHyperVisorProject
- https://github.com/zer0mem/ShowMeYourGongFu
- https://github.com/zer0mem/HyperVisor
- https://github.com/marche147/SimpleVT
- https://github.com/DarthTon/HyperBone
- https://github.com/nick-kvmhv/splittlb
- https://github.com/zareprj/Vmx_Prj
- https://github.com/ZhuHuiBeiShaDiao/MiniVTx64
- https://github.com/tandasat/HyperPlatform
- https://github.com/hzqst/Syscall-Monitor
- https://github.com/asamy/ksm
- https://github.com/in12hacker/VT_64_EPT
- https://github.com/ZhuHuiBeiShaDiao/PFHook
- https://github.com/tandasat/FU_Hypervisor
- https://github.com/tandasat/DdiMon
- https://github.com/tandasat/GuardMon
- https://github.com/yqsy/VT_demo
- https://github.com/OkazakiNagisa/VTbasedDebuggerWin7
- https://github.com/Ouroboros/JuusanKoubou
- https://github.com/aaa1616/Hypervisor
- https://github.com/Nukem9/VirtualDbg
- https://github.com/Nukem9/VirtualDbgHide
- https://github.com/cheat-engine/cheat-engine
- https://github.com/Kelvinhack/kHypervisor
firmware
fuzzer
- https://github.com/math1as/Windows-GDI-fuzzer
- https://github.com/strongcourage/uafuzz
- https://github.com/HyperDbg/HyperDbg (An x86-64 VT-x based Windows Debugger)
- https://www.youtube.com/user/gamozolabs/videos (great fuzz courses)
- https://github.com/aflsmart/aflsmart
- https://github.com/FoxHex0ne/DocParseFuzzingResources
- https://github.com/vanhauser-thc/AFLplusplus (AFLPlusPlus)
- https://github.com/zhunki/Superion
- https://github.com/uds-se/fuzzingbook
- https://github.com/wcventure/WasmFuzz
- https://github.com/wcventure/FuzzingPaper (paper)
- https://github.com/FoxHex0ne/Silfen
- https://bbs.pediy.com/thread-255544.htm
- https://bbs.pediy.com/thread-255162.htm (winafl)
- https://github.com/bin2415/fuzzing_paper
- https://github.com/mxmssh/manul
- https://github.com/nccgroup/fuzzowski
- https://github.com/rk700/uniFuzzer (closed-source binaries fuzzer)
- https://github.com/trailofbits/sienna-locomotive
- https://github.com/compsec-snu/razzer
- https://github.com/wcventure/FuzzingPaper
- https://github.com/mwrlabs/ViridianFuzzer (fuzz Hyper-V hypercalls)
- https://github.com/GoSSIP-SJTU/TripleDoggy
- https://github.com/payatu/EMFFuzzer
- https://github.com/googleprojectzero/bochspwn-reloaded
- https://github.com/googleprojectzero/p0tools
- https://github.com/wnagzihxa1n/BrowserSecurity
- https://github.com/Dongdongshe/neuzz
- https://github.com/nickjackson2011/study-TTF_format
- https://github.com/oxagast/ansvif
- https://github.com/hfiref0x/ROCALL
- https://github.com/bin2415/fuzzing_paper
- https://github.com/CERTCC/dranzer (activex/com)
- https://github.com/lcatro/How-to-Read-Source-and-Fuzzing (learn fuzzer)
- https://github.com/sogeti-esec-lab/RPCForge
- https://github.com/RootUp/BFuzz
- https://github.com/necst/crave
- https://github.com/IOActive/FuzzNDIS
- https://github.com/bee13oy/AV_Kernel_Vulns/tree/master/Zer0Con2017
- https://github.com/k0keoyo/kDriver-Fuzzer (Paper:https://whereisk0shl.top/post/2018-01-30)
- https://github.com/koutto/ioctlbf
- https://github.com/Cr4sh/ioctlfuzzer
- https://github.com/Cr4sh/MsFontsFuzz
- https://github.com/hfiref0x/NtCall64
- https://github.com/Rootkitsmm/Win32k-Fuzzer
- https://github.com/mwrlabs/KernelFuzzer
- https://github.com/SignalSEC/kirlangic-ttf-fuzzer
- https://github.com/demi6od/Smashing_The_Browser
- https://github.com/marche147/IoctlMon
- https://github.com/k0keoyo/Some-Kernel-Fuzzing-Paper
emet
hotpatch
memory hack
game
game hack
- https://github.com/sooqua/VanderLeague (LOL)
- https://github.com/Speedi13/ROP-COMPILER (VAC / PB)
- https://github.com/Aki2k/BEDaisy(battleyes kernel driver)
- https://github.com/dretax/GarHal_CSGO (csgo)
- https://github.com/nbqofficial/kernel-csgo (csgo)
- https://www.youtube.com/playlist?list=PL8TEddGT5w_j80QNqkFwl3stUTxlHol_h (LOL)
- https://github.com/mq1n/BadEye (BattlEye)
- https://github.com/NMan1/Rainbow-Six-Cheat
- https://github.com/FiYHer/How-to-create-a-csgo-cheating-program
- https://github.com/NMan1/Internal-Rainbow-Six-Cheat
- https://github.com/Vaseliinikives/Fortnite-External
- https://github.com/Joona70/fortnite-cheat-source-public
- https://github.com/qofeharaf/IGodsEye
- https://github.com/Wando1423/Antario
- https://github.com/zH4x/SoT-DLL (esp)
- https://github.com/huoji120/apex_full_cheat
- https://github.com/CasualX/apexbot
- https://github.com/tomLadder/Call-of-Duty-Black-Ops-III-Cheat
- https://github.com/vmcall/battleye_emulation
- https://github.com/JakeDahl/ApexStuff
- https://github.com/luciouskami/LOL-CN-Anti-AntCheat
- https://github.com/danielkrupinski/Osiris
- https://github.com/ApexLegendsUC/anti-cheat-emulator
- https://github.com/EternityX/DEADCELL-CSGO
- https://github.com/adrianyy/EACReversing (EAC)
- https://github.com/EquiFox/KsDumper (process dump from kernel space)
- https://github.com/EternityX/DEADCELL-CSGO
- https://github.com/M-T3K/GameHacking
- https://github.com/nanoric/pkn
- https://github.com/luciouskami/APEX-EACBypass
- https://github.com/fenix01/cheatengine-library (cheatengine library wrapper)
- https://github.com/GoodstudyChina/CSGO-Cheat
- https://github.com/Nixer1337/Nixware-GMOD
- https://github.com/DragonQuestHero/PUBG-PAK-Hacker (BattlEye)
- https://github.com/GameHackingBook/GameHackingCode
- https://github.com/danielkrupinski/Osiris (Counter-Strike)
- https://github.com/moccajoghurt/MemWars
- https://github.com/dsasmblr/hacking-online-games
- https://github.com/dsasmblr/game-hacking
- https://github.com/daswareinfach/Battleye-VAC-EAC-Kernel-Bypass (BattlEye)
- https://blog.his.cat/a/fuck_battleye.cat (BattlEye)
- https://github.com/Tai7sy/BE_Fuck (Battleye)
- https://github.com/Synestraa/Highcall-Library
- https://github.com/cheat-engine/cheat-engine
- https://github.com/DreamHacks/dreamdota
- https://github.com/yoie/NGPlug-in
- https://github.com/DevelopKits/proj
- https://github.com/VideoCardGuy/ExpTool_GUI
- https://github.com/VideoCardGuy/Zhihu_SimpleLog
- https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
- https://github.com/VideoCardGuy/Tetris
- https://github.com/VideoCardGuy/YuGiOh
- https://github.com/VideoCardGuy/SnakeAI
- https://github.com/VideoCardGuy/gitAsktao
- https://github.com/VideoCardGuy/War3Cheat
- https://github.com/VideoCardGuy/AStar_Study
- https://github.com/VideoCardGuy/BnsChina_SetSpeed
- https://github.com/VideoCardGuy/LOLProjects
- https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
- https://github.com/VideoCardGuy/PictureMatchGame
- https://github.com/VideoCardGuy/AutoLoginByBnsChina
- https://github.com/VideoCardGuy/MemoryWatchTool
- https://github.com/VideoCardGuy/LOL_China
- https://github.com/mlghuskie/NoBastian
- https://github.com/G-E-N-E-S-I-S/BattlegroundsChams
- https://github.com/luciouskami/XignCode3Bypass
- https://github.com/luciouskami/CS-GO-Simple-Hack
- https://github.com/luciouskami/load-self-mix
- https://github.com/Karaulov/WarcraftIII_DLL_126-127
- https://github.com/TonyZesto/PubgPrivXcode85
- https://github.com/luciouskami/gameguard-for-war3
- https://github.com/PopcornEgg/LOLChangeSkin
- https://github.com/ValveSoftware/ToGL
- https://github.com/Karaulov/War3-SizeLimit-Bypass
- https://github.com/F7eak/Xenon
- https://github.com/syj2010syj/All-Star-Battle-2
anti cheat
- https://github.com/zyhp/vac3_inhibitor
- https://github.com/thesecretclub/CVEAC-2020
- https://github.com/huoji120/CSGO_CrowAntiCheat
- https://github.com/niemand-sec/Reversing-XignCode3-Driver
- https://github.com/niemand-sec/AntiCheat-Testing-Framework
- https://github.com/GravitLauncher/Avanguard
- https://github.com/Mouka-Yang/AntiCheatProtector
- https://github.com/mq1n/NoMercy
- https://github.com/SagaanTheEpic/Sagaan-AntiCheat-V2.0
- https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-Module-
- https://github.com/SagaanTheEpic/SAC-Anti-Debug
- https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-ModuleThread
- https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-OverlayDetector-
- https://github.com/SagaanTheEpic/Mega-Bypasss
- https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-UserMode-
- https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-Driver-
- https://github.com/SagaanTheEpic/SagaanTheEpic-Millin-Hack-SMH-Kernel
- https://github.com/SagaanTheEpic/LSASS-Usermode-Bypass
- https://github.com/SagaanTheEpic/KernelMode-Bypass
- https://github.com/chinatiny/GameAntiCheat
- https://github.com/jnastarot/anti-cheat
- https://github.com/jnastarot/ice9
software reverse
pe protector
- https://github.com/TimelifeCzy/Shell_Protect (vm)
- https://github.com/93aef0ce4dd141ece6f5/Packer
- https://github.com/devilogic/xvirus
- https://github.com/nickcano/RelocBonus
- https://github.com/jnastarot/furikuri
unpacker
- https://github.com/Phat3/PINdemonium (pin)
- https://github.com/BromiumLabs/PackerAttacker
- http://n10info.blogspot.com/2018/03/xvolkolak-010.html
emulate code execution
- https://github.com/sycurelab
- https://github.com/hzqst/unicorn_pe
- https://github.com/inaz2/Unico
- https://github.com/Coldzer0/Cmulator
pin
- https://github.com/thalium/icebox
- https://github.com/season-lab/bluepill/
- https://github.com/long123king/PE-Replay
- https://github.com/Fare9/ANBU
- https://github.com/BreakingMalware/Selfie
- https://github.com/BreakingMalware/AVulnerabilityChecker
- https://github.com/hasherezade/MyPinTools
- https://github.com/hasherezade/tiny_tracer
- https://github.com/dyninst/dyninst
symbolic execution
- https://github.com/cea-sec/miasm
- https://github.com/illera88/Ponce
- https://github.com/gaasedelen/lighthouse
obfuscation
deobfuscation
- https://github.com/nblog/Vm2Import
- https://github.com/zodiacddos/BattleEye-EasyAntiCheat-Bypasses
- https://github.com/amimo/ollvm-breaker
- https://github.com/JonathanSalwan/Tigress_protection
- https://github.com/1111joe1111/tuts (vmprotect 3+)
- https://github.com/F8LEFT/DecLLVM
- https://github.com/mmyydd/relative-pattern
- https://github.com/SCUBSRGroup/OLLVM_Deobfuscation
taint analyse
- https://github.com/cea-sec/miasm (blackhat 2018)
- https://bbs.pediy.com/thread-230299.htm
- https://bbs.pediy.com/thread-230105.htm
- https://bbs.pediy.com/thread-226603.htm
- https://bbs.pediy.com/thread-224353.htm
- https://bbs.pediy.com/thread-223849.htm
- https://github.com/airbus-seclab/bincat
- https://github.com/SCUBSRGroup/Taint-Analyse
- https://github.com/airbus-seclab/bincat
- https://github.com/SCUBSRGroup/Taint-Analyse
- https://github.com/piscou/FuzzWin
bin diff
- https://github.com/joxeankoret/pigaios
- https://www.zynamics.com/bindiff.html
- https://github.com/joxeankoret/diaphora
- https://github.com/ExpLife/binarydiffer
- https://github.com/ExpLife/patchdiff2_ida6
- https://github.com/ExpLife/patchdiff2
debugger
x64dbg plugin
- https://github.com/horsicq
- https://github.com/Ahmadmansoor/AdvancedScript
- https://github.com/changeofpace/Force-Page-Protection
- https://github.com/secrary/idenLib
- https://github.com/Gbps/x64dbg-consonance-theme
- https://github.com/ThunderCls/xAnalyzer
- https://github.com/mrexodia/TitanHide
- https://github.com/x64dbg/InterObfu
- https://github.com/x64dbg/ScyllaHide
- https://github.com/Nukem9/SwissArmyKnife
- https://github.com/x64dbg/x64dbg/wiki/Plugins
live kernel debug
- https://samsclass.info/126/proj/p12-kernel-debug-win10.htm?tdsourcetag=s_pctim_aiomsg
- https://gds89.wordpress.com/2010/05/19/windows-7-x64-local-and-live-kernel-debugging/
windbg plugin
- https://github.com/0cch/luadbg (lua ext)
- https://github.com/repnz/windbg-cheat-sheet
- https://github.com/long123king/tokenext
- https://github.com/long123king/grep (regular expression)
- https://github.com/fdiskyou/iris
- https://github.com/pstolarz/dumpext (pe unpack)
- http://www.andreybazhan.com/debugging.html
- https://github.com/vallejocc/Reverse-Engineering-Arsenal/ (anti-anti_debugging winDbg scripts)
- https://github.com/vagnerpilar/windbgtree (nice plugin)
- https://github.com/hugsy/windbg_js_scripts (js)
- https://github.com/0vercl0k/windbg-scripts (js)
- https://github.com/REhints/WinDbg
- https://github.com/jthuraisamy/DIRT
- https://github.com/OSRDrivers/penter
- https://github.com/OSRDrivers/windbg-exts
- https://github.com/panoramixor/GDIObjDump
- https://codeday.me/bug/20171003/80216.html
- http://virtualkd.sysprogs.org/
- https://github.com/VincentSe/WatchTrees
virtualkd
ida script & plugin
- https://github.com/fireeye/FIDL
- https://github.com/mefistotelis/ida-pro-loadmap
- https://github.com/ampotos/dynStruct
- https://github.com/patois/HRDevHelper
- https://github.com/0xeb/ida-qscripts (easy developing script)
- https://github.com/google/binexport
- https://github.com/nihilus/ida-pro-swf
- https://github.com/ax330d/hrdev
- https://github.com/ax330d/ida_pdb_loader
- https://github.com/ax330d/functions-plus
- https://github.com/ecx86/classinformer-ida7
- https://github.com/IOActive/kmdf_re
- https://github.com/a1ext/labeless
- https://github.com/kkHAIKE/tinyidb
- https://github.com/RolfRolles/HexRaysDeob (deobfuscate)
- https://github.com/icewall/BinDiffFilter
- https://github.com/devttys0/ida/
- https://github.com/dude719/SigMaker-x64 (pat2sig)
- https://github.com/fireeye/flare-ida (idb2pat)
- https://zznop.github.io/bnida/
- https://github.com/zyantific/IDASkins
- https://github.com/eugeii/ida-consonance
- https://github.com/mwrlabs/win_driver_plugin
- https://github.com/igogo-x86/HexRaysPyTools
- https://github.com/techbliss/Python_editor
- https://github.com/tmr232/Sark
- http://sark.readthedocs.io/en/latest/debugging.html
- https://bbs.pediy.com/thread-224627.htm (wing debugging idapython script)
ida sig maker
- https://github.com/wanttobeno/IDASignMaker
- https://blog.csdn.net/lixiangminghate/article/details/81352205
idapython
- https://github.com/Chordp/PatternGen (Pattern)
- https://github.com/inforion/idapython-cheatsheet
- https://github.com/thalium/idatag
- https://github.com/sophoslabs/WebAssembly
- https://github.com/howmp/COMFinder
- https://github.com/maddiestone/IDAPythonEmbeddedToolkit
- https://github.com/zyantific/IDASkins
- https://github.com/ynvb/DIE
- https://github.com/nologic/idaref
- https://github.com/anatolikalysch/VMAttack
- https://github.com/36hours/idaemu
- https://github.com/gaasedelen/lighthouse
- https://github.com/avast-tl/retdec-idaplugin
- https://github.com/1111joe1111/ida_ea
- https://github.com/eugeii/ida-consonance
- https://github.com/IDArlingTeam/IDArling
- https://github.com/aaronportnoy/toolbag
- https://github.com/L4ys/LazyIDA
- https://github.com/push0ebp/sig-database
- https://github.com/igogo-x86/HexRaysPyTools
- https://github.com/intezer/docker-ida
- https://github.com/keystone-engine/keypatch
- https://github.com/dzzie/IDACompare
- https://github.com/snare/ida-efiutils
- https://github.com/zachriggle/ida-splode
- https://github.com/nccgroup/idahunt
- https://github.com/iphelix/ida-sploiter
- https://github.com/ALSchwalm/dwarfexport
- https://github.com/Maktm/FLIRTDB
- https://github.com/strazzere/golang_loader_assist
- https://github.com/Ga-ryo/IDAFuzzy
- https://github.com/duo-labs/idapython
- https://github.com/polymorf/findcrypt-yara
- https://github.com/patois/IDACyber
- https://github.com/F8LEFT/DecLLVM
- https://github.com/RobinDavid/idasec
- https://github.com/tboox/vm86
- https://github.com/siberas/IDA2Sym
- https://github.com/sibears/IDAGolangHelper
- https://github.com/tmr232/IDABuddy
- https://github.com/zyantific/REtypedef
- https://github.com/nihilus/IDA_Signsrch
- https://github.com/ax330d/ida_pdb_loader
- https://github.com/alexander-hanel/idapython6to7
- https://github.com/nektra/vtbl-ida-pro-plugin
- https://github.com/wirepair/IDAPinLogger
- https://github.com/BinaryAnalysisPlatform/bap-ida-python
- https://github.com/alexander-pick/patchdiff2_ida6
- https://github.com/ecx86/classinformer-ida7
- https://github.com/nccgroup/SusanRTTI
- https://github.com/gaasedelen/prefix
- https://github.com/andreafioraldi/IDAngr
- https://github.com/Cr4sh/IDA-VMware-GDB
- https://github.com/Comsecuris/ida_strcluster
- https://github.com/airbus-seclab/bincat
- https://github.com/a1ext/auto_re
- https://github.com/gynophage/solarized_ida
- https://github.com/luorui110120/IDAplugins
- https://github.com/0xItx/ida_nightfall
- https://github.com/xorpd/idsearch
- https://github.com/nihilus/IDASimulator
- https://github.com/dude719/SigMaker-x64
- https://github.com/fireeye/SimplifyGraph
- https://github.com/google/binexport
- https://github.com/deresz/funcap
- https://github.com/IOActive/kmdf_re
- http://www.h4ck.org.cn/2011/07/ida-pe6-dll-unpack/
- https://www.anquanke.com/post/id/151898
- https://www.anquanke.com/post/id/85890
- https://www.cnblogs.com/17bdw/p/7785469.html
- https://4hou.win/wordpress/?cat=1178 (pin & ida)
- https://wizardforcel.gitbooks.io/grey-hat-python/
- http://spd.dropsec.xyz/2016/10/05/IDAPython%E5%AE%89%E8%A3%85/
- http://spd.dropsec.xyz/2017/04/09/%E7%AC%A6%E5%8F%B7%E6%89%A7%E8%A1%8C-%E5%9F%BA%E4%BA%8Epython%E7%9A%84%E4%BA%8C%E8%BF%9B%E5%88%B6%E5%88%86%E6%9E%90%E6%A1%86%E6%9E%B6angr/
- http://spd.dropsec.xyz/2016/10/16/IDAPython%E8%84%9A%E6%9C%AC%E4%B9%8B%E6%94%B6%E9%9B%86%E5%87%BD%E6%95%B0%E7%9A%84%E8%B0%83%E7%94%A8%E4%BF%A1%E6%81%AF/
- http://www.freebuf.com/sectool/92107.html
- http://www.freebuf.com/sectool/92168.html
- http://www.freebuf.com/articles/system/92488.html
- http://www.freebuf.com/articles/system/92505.html
- http://www.freebuf.com/articles/system/93440.html
- https://www.fortinet.com/blog/threat-research/rewriting-idapython-script-objc2-xrefs-helper-py-for-hopper.html
- https://sark.readthedocs.io/en/latest/debugging.html
- https://cartermgj.github.io/2017/10/10/ida-python/
- https://security.tencent.com/index.php/blog/msg/4
- https://wingware.com/doc/howtos/idapython
- http://www.somersetrecon.com/blog/2018/7/6/introduction-to-idapython-for-vulnerability-hunting
- http://0xeb.net/2018/02/writing-a-simple-x86-emulator-with-idapython/
- http://0xeb.net/2018/02/writing-a-simple-x86-emulator-with-idapython/
- https://resources.infosecinstitute.com/saving-time-effort-idapython/#gref
- https://www.thezdi.com/blog/2018/5/21/mindshare-walking-the-windows-kernel-with-ida-python
- https://www.thezdi.com/blog/2018/7/19/mindshare-an-introduction-to-pykd
- https://www.thezdi.com/blog/2018/6/26/mindshare-variant-hunting-with-ida-python
- http://www.mopsled.com/2016/add-shortcut-for-idapython-script-ida-pro/
- http://blog.sina.com.cn/s/blog_9f5e368a0102wnmm.html
- https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/
- https://www.pydoc.io/pypi/python-idb-0.4.0/autoapi/analysis/index.html
- https://securityxploded.com/api-call-tracing-with-pefile-pydbg-and-idapython.php
- https://www.cnblogs.com/0xJDchen/p/7527236.html
- http://www.williballenthin.com/blog/2015/09/04/idapython-synchronization-decorator/
- https://www.fireeye.com/blog/threat-research/2015/01/flare_ida_pro_script.html
- https://bbs.pediy.com/thread-226983.htm
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Defeating-Flame-String-Obfuscation-with-IDAPython/
- https://www.anquanke.com/post/id/151898
- https://edoc.site/idapython-bookpdf-pdf-free.html
- https://serializethoughts.com/tag/idapython/
- https://exploiting.wordpress.com/2011/12/06/quickpost-idapython-script-to-identify-unrecognized-functions/
- http://barbie.uta.edu/~xlren/Diaphora/diaphora_help.pdf
- https://www.jianshu.com/p/ee789e8acb03
- http://blog.51cto.com/watertoeast/2084700
- http://blog.51cto.com/watertoeast/1352787
- https://blog.clamav.net/2014/02/generating-clamav-signatures-with.html
- https://www.mnin.org/write/2006_extract_xor.pdf
- http://www.hexacorn.com/blog/2015/12/21/idapython-making-strings-decompiler-friendly/
- http://standa-note.blogspot.com/2015/01/arm-exception-handling-and-idapython.html
- http://codegist.net/code/idapython-script/
- https://reverseengineering.stackexchange.com/questions/16055/idapython-get-xrefs-to-a-stack-variable
pykd & FAQ
- https://github.com/sogeti-esec-lab/LKD
- https://www.anquanke.com/post/id/86909
- https://www.anquanke.com/post/id/86896
- https://www.anquanke.com/post/id/83205
- https://blog.csdn.net/jimoguilai/article/details/25286029
- https://blog.csdn.net/jimoguilai/article/details/29827283
- https://blog.csdn.net/jimoguilai/article/details/38122863
- https://blog.csdn.net/linux_vae/article/details/77532758
- https://blog.csdn.net/linux_vae/article/details/77532758
- https://blog.csdn.net/ambihan/article/details/35775933
- https://www.zerodayinitiative.com/blog/2018/7/19/mindshare-an-introduction-to-pykd
- https://www.cnblogs.com/fanzi2009/archive/2012/12/10/2811543.html
- https://cloud.tencent.com/developer/article/1005628
- http://eternalsakura13.com/2018/07/03/firefox_env/
- https://binvoke.com/inline-assembly-in-x64/
- https://webstersprodigy.net/2014/01/06/soft-function-hooking-with-windbg-and-pykd/
- https://rayanfam.com/topics/pykd-tutorial-part1/
- https://rayanfam.com/topics/pykd-tutorial-part2/
- https://labs.mwrinfosecurity.com/blog/heap-tracing-with-windbg-and-python/
- http://www.miguelventura.pt/scripting-windbg-with-pykd.html
- https://labs.nettitude.com/blog/windbg-using-pykd-to-dump-private-symbols/
- https://webstersprodigy.net/2014/01/06/soft-function-hooking-with-windbg-and-pykd/
- https://www.cnblogs.com/fanzi2009/archive/2012/12/10/2811543.html
- http://www.freebuf.com/articles/system/103816.html
- https://bbs.pediy.com/thread-224904.htm
- http://theevilbit.blogspot.com/2017/09/pool-spraying-fun-part-1.html
- http://theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-2.html
- http://theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-3.html
- http://theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-4.html
- https://githomelab.ru/pykd/pykd/-/issues/3
rpc
hash dump
- https://github.com/AlessandroZ/LaZagneForensic
- https://github.com/AlessandroZ/LaZagne (browser credentials recovery)
- https://github.com/gentilkiwi/mimikatz
auxiliary lib
ring3 nt api
- https://github.com/adrianyy/x64-syscall
- https://github.com/icestudent/ontl
- https://www.vergiliusproject.com/kernels
- https://github.com/DissectMalware/WinNativeIO
- https://github.com/zodiacon/WindowsInternals/tree/master/MemLimit/ndk
- https://github.com/codereversing/wow64syscall
- https://github.com/processhacker/phnt
- https://github.com/ntdiff/ntdiff
- https://ntdiff.github.io
- https://github.com/ntdiff/headers
- https://github.com/Chuyu-Team/NativeLib
winpcap
- http://libtins.github.io/tutorial/
- https://github.com/abapat/DNSPoison
- http://www.ferrisxu.com/WinPcap/html/index.html
- https://github.com/wqqhit/DNSHijack
- https://github.com/klemenb/fiddly
- http://blog.csdn.net/Ni9htMar3/article/details/54612394
- https://www.cnblogs.com/xcj26/articles/6073411.html
- http://www.freebuf.com/articles/system/103526.html
- https://github.com/illahaha/zxarps (arpcheat)
- https://github.com/sincoder/zxarps (arpcheat)
metasploit
- https://github.com/entynetproject/entypreter
- https://github.com/dr0op/MsfRpcApi
- https://github.com/phackt/stager.dll
- https://github.com/ExpLife/metasploit-framework
- https://github.com/NytroRST/NetRipper
- https://github.com/breenmachine/RottenPotatoNG
shellcode generator
shellcode encoder
shadow
network lib
http
- https://github.com/elnormous/HTTPRequest
- https://github.com/vlinhd11/WinHttpClass
- https://github.com/hpsocket/restclient-cpp
- https://github.com/farawaaay/http2 (http/2)
- https://github.com/OlehKulykov/libnhr
- https://github.com/erickutcher/httpdownloader
https proxy
- https://github.com/justcoding121/Titanium-Web-Proxy
- http://anyproxy.io/cn/
- https://github.com/killbug2004/HttpsProxy
- https://github.com/erickutcher/httpproxy
sock proxy
reverse proxy
mitm
- https://github.com/zliu-fd/WinDivertProxy
- https://github.com/sipt/shuttle (GO)
- https://github.com/conorpp/MiTM-HTTP-Proxy
- https://github.com/moxie0/sslsniff
- https://github.com/wuchangming/node-mitmproxy
- https://github.com/hostilefork/flatworm
- https://github.com/progtramder/webproxy
- https://github.com/empijei/wapty
- https://github.com/xxxxnnxxxx/HttpProxy
- https://github.com/astibal/smithproxy
- https://github.com/TechnikEmpire/CitadelCore
- https://github.com/TechnikEmpire/HttpFilteringEngine
- https://blog.csdn.net/kunyus/article/details/78679717
- https://github.com/liuyufei/SSLKiller
- http://blog.csdn.net/Tencent_Bugly/article/details/72626127
- https://github.com/pfussell/pivotal
ssl
json
serialization
awesome
- https://github.com/FULLSHADE/WindowsExploitationResources
- https://github.com/Wenzel/awesome-virtualization
- https://github.com/alphaSeclab/anti-av
- https://github.com/kevingo/coding-interview-university-zh-tw/blob/master/translations/README-cn.md
- https://websec.readthedocs.io/zh/latest/ (web sec)
- https://ctf-wiki.github.io/ctf-wiki/pwn/readme-zh/
- https://chybeta.github.io/2017/08/19/Software-Security-Learning/
- https://github.com/alphaSeclab/awesome-reverse-engineering
- https://github.com/enovella/TEE-reversing
- https://github.com/1c7/chinese-independent-developer
- https://github.com/theLSA/CS-checklist
- https://github.com/wcventure/FuzzingPaper
- https://github.com/wcventure/BugDetectionPaper
- https://github.com/xrkk/awesome-ida
- https://github.com/SecWiki/sec-chart
- https://github.com/skywind3000/awesome-cheatsheets (cheatsheets)
- https://github.com/toutiaoio/awesome-architecture
- https://github.com/streetleague/0xbird.github.io
- https://github.com/BlackINT3/awesome-debugging
- https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References
- https://github.com/jobbole/awesome-design-cn
- https://github.com/xuanhun/HackingResource
- https://github.com/yeyintminthuhtut/Awesome-Windows-Exploitation-Study-References
- https://github.com/anhkgg/awesome-windbg-extensions
- https://github.com/wcventure/FuzzingPaper
- https://github.com/fr0gger/awesome-ida-x64-olly-plugin
- https://github.com/Ridter/Intranet_Penetration_Tips
- https://github.com/danielmiessler/SecLists
- https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
- https://github.com/REMath/literature_review
- https://github.com/phith0n/Mind-Map
- https://github.com/CHYbeta/Software-Security-Learning
- https://github.com/0x4D31/awesome-threat-detection
- https://github.com/Escapingbug/awesome-browser-exploit
- https://github.com/CaledoniaProject/awesome-opensource-security
- https://github.com/rshipp/awesome-malware-analysis
- https://github.com/lmy375/awesome-vmp
- https://github.com/ksluckow/awesome-symbolic-execution
- https://github.com/szysec/ctftest
- https://stackoverflow.com/questions/4946685/good-tutorial-for-windbg
- https://github.com/rmusser01/Infosec_Reference
- https://github.com/sam-b/windows_kernel_resources
- https://github.com/EbookFoundation/free-programming-books
- https://github.com/justjavac/free-programming-books-zh_CN
- https://github.com/rmusser01/Infosec_Reference/
- https://github.com/jshaw87/Cheatsheets
- https://github.com/RPISEC/MBE
windows Driver Kit ddi (device driver interface) documentation
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/install/
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/kernel/
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/network/
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/ddi/
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/driversecurity
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/wdf/
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/samples/
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/debugger/
- https://docs.microsoft.com/zh-cn/previous-versions/windows/embedded/gg157655(v=winembedded.80)
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/debugger/time-travel-debugging-overview
- https://docs.microsoft.com/zh-cn/previous-versions/visualstudio/visual-studio-2010/aa983363(v=vs.100) (vmx)
windbg preview & jsprovider
- https://github.com/benoitsevens/applying-ttd-to-malware-analysis
- https://github.com/Microsoft/WinDbg-Samples
- https://bbs.pediy.com/thread-246449.htm
- http://doar-e.github.io/blog/2017/12/01/debugger-data-model/
anti-anti-vm
vm
- https://github.com/nblog/Vm2Import
- https://github.com/can1357/NoVmp
- https://github.com/etsubu/NanoVM (x64)
- https://github.com/tboox/vm86
spy++
pe tool
- https://github.com/jovibor/Pepper
- https://github.com/Darkabode/amte
- https://www.pelock.com/products/string-encrypt
- https://www.pelock.com/products/obfuscator
- https://github.com/hasherezade/funky_malware_formats
- https://github.com/hasherezade/hollows_hunter (scan hook)
- https://github.com/hasherezade/pe-sieve
- https://github.com/hasherezade/bearparser
- https://github.com/hasherezade/libpeconv
- https://github.com/hasherezade/malware_analysis
- https://github.com/hasherezade/libpeconv_project_template
- https://github.com/hasherezade/libpeconv_wrappers
- https://github.com/hasherezade/process_doppelganging
- https://github.com/hasherezade/bee_parser
- https://github.com/hasherezade/pe_to_shellcode
- https://github.com/hasherezade/mal_unpack
- https://github.com/hasherezade/process_chameleon (modify exe path)
- https://github.com/hasherezade/loaderine
- https://github.com/hasherezade/chimera_loader
- https://github.com/YajS/NikPEViewer
tools
- https://github.com/codilime/veles
- https://github.com/glmcdona/strings2
- http://bytepointer.com/tools/index.htm#peupdate
- https://github.com/endgameinc/xori (Dissasemblers blackhat 2018)
- http://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/
post-exploitation
- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/0x09AL/DNS-Persist (DNS C&C)
- https://github.com/francisck/DanderSpritz_lab
- https://github.com/francisck/DanderSpritz_docs
nsa security tools
- https://github.com/exploitx3/FUZZBUNCH
- https://github.com/fuzzbunch/fuzzbunch
- https://github.com/peterpt/fuzzbunch
apt
- https://github.com/Yeti-791/APT-Guide
- https://github.com/RedDrip7/APT_Digital_Weapon
- https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
- https://github.com/kbandla/APTnotes
- https://attack.mitre.org/wiki/Groups
- https://github.com/fdiskyou/threat-INTel
3rd party library
- https://github.com/ez8-co/ezpp
- https://github.com/ez8-co/emock
- https://github.com/ez8-co/atomic
- https://github.com/ez8-co/linked_hash
- https://github.com/asmjit/asmjit (jit)
- https://github.com/acl-dev/acl
- https://github.com/kingsamchen/WinAntHttp
- https://github.com/kingsamchen/KAdBlockEngine
- https://github.com/kingsamchen/KLog
- https://github.com/kingsamchen/Eureka
- https://zh-cn.libreoffice.org/
- https://github.com/GiovanniDicanio/WinReg
- https://github.com/GiovanniDicanio/StopwatchWin32
- https://github.com/Wintellect/ProcMonDebugOutput
- https://github.com/GiovanniDicanio/ReadStringsFromRegistry
- https://github.com/GiovanniDicanio/Utf8ConvAtlStl
- https://github.com/GiovanniDicanio/StringPool
- https://github.com/GiovanniDicanio/MapWithCaseInsensitiveStringKey
- https://github.com/GiovanniDicanio/SafeArraySamples
- https://github.com/GiovanniDicanio/TestSSO
- https://github.com/GiovanniDicanio/DoubleNulTerminatedString
- https://github.com/GiovanniDicanio/LoadingCedictBenchmarkCpp
- https://github.com/GiovanniDicanio/TestStringSorting
- https://github.com/GiovanniDicanio/UnicodeConversions
- https://github.com/GiovanniDicanio/TestStringsAtlVsStl
- https://github.com/GiovanniDicanio/UnicodeConversionAtl
- https://github.com/GiovanniDicanio/StlVectorVsListPerformance
rpc
adblock
- https://github.com/adblockplus/adblockplusie
- https://github.com/adblockplus/adblockpluscore
- https://github.com/adblockplus/libadblockplus
bypass uac
- https://github.com/AzAgarampur/byeintegrity3-uac
- https://github.com/AzAgarampur/byeintegrity2-uac
- https://github.com/AzAgarampur/byeintegrity-uac
- https://github.com/sailay1996/UAC_Bypass_In_The_Wild
- https://github.com/hfiref0x/UACME
miscellaneous
- https://github.com/forrest-orr/artifacts-kit
- https://github.com/sailay1996/awesome_windows_logical_bugs
- https://github.com/rabbitstack/fibratus (https://github.com/rabbitstack/fibratus)
- https://github.com/theopolis/uefi-firmware-parser
- https://github.com/z175/kdmapper
- https://github.com/heckerli/netshield
- https://github.com/TalAloni/SMBLibrary
- https://www.unknowncheats.me/forum/c-and-c-/179852-ring0-random-string-generator-kernel-driver.html
- https://github.com/gztss/SerialTool (serial debug tool)
- https://github.com/platomav/CPUMicrocodes
- https://github.com/DavexPro/PocHunter
- https://github.com/Microsoft/Windows-universal-samples
- https://github.com/ionescu007/wnfun
- https://github.com/waryas/UMPMLib
- https://github.com/MeeSong/Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC
- https://github.com/piaoyunsoft/WebRedemption
- https://github.com/sudoconf/http_encode
- https://github.com/wjcsharp/wintools
- https://github.com/nmgwddj/HttpSourceViewer
- https://github.com/nmgwddj/nvapi-example (Digital Vibrance Controls)
- https://github.com/n1nj4sec/memorpy
- https://github.com/TinyCC/tinycc
- https://github.com/msuhanov/regf (reg formats)
- https://github.com/beader/tianchi-3rd_security
- https://github.com/Schnocker/HLeaker
- http://www.geoffchappell.com/studies/windows/km/index.htm (reverse)
- https://github.com/AntiRootkit/HandleSpy
- https://github.com/securifera/HeapMonitor
- https://github.com/securifera/serviceFu
- https://github.com/mq1n/WSWatcher
- https://github.com/imagemlt/EasyKnife (CKnife)
- https://github.com/didi/kemon (macOS Kernel Monitoring Callback Framework)
- https://github.com/Microsoft/microsoft-pdb (pdb format)
- https://github.com/Darm64/XNU
- https://github.com/netromdk/bmod
- https://github.com/rgl/windows-domain-controller-vagrant
- https://github.com/panda-re/panda
- https://github.com/DarkSpiritz/DarkSpiritz
- https://rayanfam.com/topics/inline-assembly-in-x64/ (x64 inline asm)
- https://www.jianshu.com/p/15be72d919ff (traversing the icon on the desktop)
- https://github.com/nshalabi/SysmonTools
- https://github.com/nshalabi/ATTACK-Tools
- https://github.com/ExpLife0011/hf-2012
- https://github.com/tyranid/windows-attacksurface-workshop/ (2018)
- https://github.com/CherryPill/system_info
- https://github.com/muxq/DPAPI
- https://github.com/ExpLife/directntapi
- https://github.com/gaozan198912/myproject
- https://github.com/k0keoyo/ntoskrnl-symbol-pdb-and-undocument-structures
- https://github.com/gentilkiwi/p11proxy
- https://github.com/gentilkiwi/kekeo
- https://github.com/ExpLife/ByPassCfg
- https://github.com/hfiref0x/SXSEXP
- https://github.com/hfiref0x/VBoxHardenedLoader
- https://github.com/hfiref0x/SyscallTables
- https://github.com/hfiref0x/WinObjEx64
- https://github.com/Cr4sh/DbgCb
- https://github.com/Cr4sh/s6_pcie_microblaze
- https://github.com/ionescu007/SpecuCheck
- https://github.com/ionescu007/lxss
- https://github.com/intel/haxm
- https://github.com/akayn/Resources
- https://github.com/DarthTon/SecureEraseWin
- https://github.com/tinysec/windows-syscall-table
- https://github.com/tinysec/jsrt
- https://github.com/zodiacon/DriverMon
- https://github.com/zodiacon/GflagsX
- https://github.com/zodiacon/PEExplorer
- https://github.com/zodiacon/KernelExplorer
- https://github.com/zodiacon/AllTools
- https://github.com/zodiacon/WindowsInternals
- https://github.com/hackedteam/vector-silent
- https://github.com/hackedteam/core-packer
- https://github.com/hackedteam/vector-recover
- https://github.com/k33nteam/cc-shellcoding
- https://github.com/rwfpl/rewolf-wow64ext
- https://github.com/rwfpl/rewolf-x86-virtualizer
- https://github.com/rwfpl/rewolf-gogogadget
- https://github.com/rwfpl/rewolf-dllpackager
- https://github.com/Microsoft/ChakraCore
- https://github.com/google/symboliclink-testing-tools
- https://github.com/ptresearch/IntelME-JTAG
- https://github.com/smourier/TraceSpy
- https://github.com/G-E-N-E-S-I-S/tasklist-brutus
- https://github.com/G-E-N-E-S-I-S/token_manipulation
- https://github.com/jjzhang166/sdk
- https://github.com/killswitch-GUI/HotLoad-Driver
- https://github.com/killswitch-GUI/minidump-lib
- https://github.com/killswitch-GUI/win32-named-pipes-example
- https://github.com/Kelvinhack/ScreenCapAttack
- https://github.com/tyranid/oleviewdotnet
- https://github.com/tyranid/CANAPE.Core
- https://github.com/tyranid/DotNetToJScript
slides
- http://security.cs.rpi.edu/courses/binexp-spring2015
- https://rmusser.net/docs/
- https://keenlab.tencent.com/zh
blogs
- https://redogwu.github.io (kernel exp)
- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/debugger/debug-universal-drivers--kernel-mode-#kernelmodedebuggingcommandsandtechniques (windbg help)
- http://www.dbgtech.net (windbg help)
- https://blog.csdn.net/hgy413/article/details/7054870 (windbg usage)
- https://guidedhacking.com (game hack)
- http://kdext.com/links.html
- http://www.reconstructer.org/papers/Hunting%20rootkits%20with%20Windbg.pdf
- https://www.slideshare.net/MSbluehat/bluehat-v18-memory-resident-implants-code-injection-is-alive-and-well
- https://www.sekoia.fr/blog
- https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/single-binary-opt-in-pool-nx-optin (VS WDK Config)
- https://blog.csdn.net/qq_18218335/article/details/77480475 (VS WDK Config)
- https://docs.microsoft.com/zh-cn/previous-versions//jj572863(v=vs.85) (VS WDK Config)
- https://blog.csdn.net/lpwstr/article/details/81190171 (VS WDK Config)
- http://www.yiiyee.cn/Blog/win8-driver/
- https://blog.csdn.net/liwen930723
- https://ktkitty.github.io/ (vul)
- https://secrary.com/RandomPosts
- http://www.mycode.net.cn/
- http://split-code.com
- http://eternalsakura13.com
- https://xiaodaozhi.com/
- https://blog.vicayang.cc/
- https://www.fwhibbit.es/sysmon-the-big-brother-of-windows-and-the-super-sysmonview
- https://dedbg.com/
- https://leguanyuan.blogspot.com
- http://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/ex/profile/bugdemo.htm
- https://blog.can.ac
- https://b33t1e.github.io/2018/01/03/About-VMProtect/
- http://www.diting0x.com/
- http://lotabout.me/archives/ (write a c interpreter)
- http://2997ms.com/2016/10/09/2016/2016-9%E6%9C%88-%E5%90%AD%E5%93%A7%E5%92%94%E5%93%A7/
- http://www.trueai.cn/
- https://whereisk0shl.top
- https://www.anquanke.com/post/id/97245
- https://lifeinhex.com
- https://vallejo.cc/2017/11/18/installation-and-first-contact-with-the-new-windbg/
- http://www.vxjump.net/
- https://channel9.msdn.com/Shows/Defrag-Tools
- http://windbg.info/
- http://windbg.org/
- https://msdn.microsoft.com/en-us/library/windows/hardware/ff553217(v=vs.85).aspx
- http://www.andreybazhan.com/
- https://blogs.technet.microsoft.com/markrussinovich/
- http://undocumented.ntinternals.net/
- http://j00ru.vexillium.org/
- https://sysprogs.com/
- http://www.rohitab.com/
- https://sww-it.ru/
- http://blogs.microsoft.co.il/pavely/
- https://www.corelan.be/
- http://tombkeeper.blog.techweb.com.cn/
- http://www.zer0mem.sk/
- http://blog.rewolf.pl/blog/
- http://www.alex-ionescu.com/
- http://blog.cr4.sh/
- https://rootkits.xyz/
- https://ixyzero.com/blog/archives/3543.html
- https://whereisk0shl.top/
- http://www.triplefault.io/2017/09/enumerating-process-thread-and-image.html
- http://doar-e.github.io/blog/2017/12/01/debugger-data-model/
- https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugging-using-windbg-preview
- https://blog.xpnsec.com/
- https://www.fireeye.com/blog/threat-research/2018/01/simplifying-graphs-in-ida.html
- http://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/
- http://www.msreverseengineering.com/blog/2018/1/23/a-walk-through-tutorial-with-code-on-statically-unpacking-the-finspy-vm-part-one-x86-deobfuscation
sec tools
waf
web security research site
- https://pagedout.institute/
- https://github.com/frizb/Bypassing-Web-Application-Firewalls (bypass waf)
- http://malware-traffic-analysis.net
- https://malwaretips.com/
- https://www.sec-wiki.com
- https://www.anquanke.com/
- http://xuanwulab.github.io/cn/secnews/2018/02/08/index.html
- http://www.vxjump.net/
- https://www.pediy.com/
- https://navisec.it/
- http://www.secbang.com/
development documents
browser automated test
docker
leaked source code
- https://github.com/cocus/openmsvbvm
- https://github.com/misterch0c/shadowbroker (NSA)
- https://github.com/pustladi/Windows-2000
- https://github.com/killbug2004/NT_4.0_SourceCode
- https://github.com/pustladi/TrueCrypt-7.2
- https://github.com/pustladi/MS-DOS-v.1.1
- https://github.com/pustladi/MS-DOS-v.2.0
sspi
- https://github.com/deemru/msspi
- https://github.com/vletoux/DetectPasswordViaNTLMInFlow
- https://github.com/judek/sspiauthenticate
- https://github.com/BobCatC/xSspi
- https://github.com/sishtiaq/SampleSSPICode
- https://github.com/liamkirton/sslpyfilter
- https://github.com/bschlenk/gsspp
openssl
- https://github.com/square/certstrap (go)
- https://github.com/hioa-cs/IncludeOS/blob/fd92a5394b493b5b645b2123966d38c1576df250/src/net/https/openssl_server.cpp#L72
- https://github.com/robertblackwell/marvincpp
- https://github.com/equalitie/ouinet
- https://github.com/LiTianjue/mite-note
- https://blog.csdn.net/dotalee/article/details/78041691
- https://www.cnblogs.com/kennyhr/p/3746048.html
pdb
gpu
crypto api
- https://github.com/tplgy/cppcodec (c++11 base64)
- https://github.com/maldevel/AES256
- https://github.com/wbenny/mini-tor
- https://github.com/wyrover/CryptoAPI-examples
- https://github.com/fmuecke/CryptoApi
- https://github.com/ViartX/CacheCrypto
- https://github.com/Deerenaros/CryptoAPIWrapper
- https://github.com/maldevel/SHA256
- https://github.com/13g10n/crypto
ipc
iot sec
ascii banner
book code
- https://github.com/yifengyou/32to64
- https://github.com/elephantos/elephant
- https://github.com/yifengyou/Android-software-security-and-reverse-analysis
- https://github.com/yifengyou/Code-virtualization-and-automation-analysis
- https://github.com/yifengyou/Software-protection-and-analysis-techniques---principles-and-practices
- https://github.com/yifengyou/X86-assembly-language-from-real-mode-to-protection-mode
regex
paper
- https://github.com/wcventure/PC-Malware-Sklearner
- https://www.virusbulletin.com/uploads/pdf/conference_slides/2018/Svajcer-VB2018-KernelModeAnalysis.pdf (windbg usage)
- https://hitcon.org/2018/CMT/slide-files/d1_s5_r0.pdf?v=2 (game cheat)
- https://github.com/tyranid/WindowsRuntimeSecurityDemos
- https://translation-zh-cn.readthedocs.io/zh_CN/
- https://speakerdeck.com
ebook
- https://github.com/Bypass007/Emergency-Response-Notes
- https://github.com/yifengyou/The-design-and-implementation-of-a-64-bit-operating-system
- https://github.com/firmianay/CTF-All-In-One
- https://github.com/cfenollosa/os-tutorial
- https://github.com/Snowming04/The-Hacker-Playbook-3-Translation
- https://github.com/xuanhun/PythonHackingBook1
- https://github.com/xapax/security
- https://github.com/chryzsh/DarthSidious (AD Domain hack)
- https://github.com/chryzsh/practical-hacking
- http://www.foxebook.net/
ctf
- https://github.com/boogy/ctfbox
- https://github.com/Ignitetechnologies/Privilege-Escalation
- https://github.com/ktecv2000/How-to-play-CTF
pentest
- https://github.com/hudunkey/Red-Team-links
- https://github.com/xiaoy-sec/Pentest_Note
- https://github.com/taielab/Taie-Bugbounty-killer
- https://github.com/Dm2333/ATTCK-PenTester-Book
- https://github.com/hongriSec/Web-Security-Attack
- https://github.com/jiansiting/Kali-Windows
- https://github.com/uknowsec/Active-Directory-Pentest-Notes
- https://micro8.gitbook.io/micro8/
- https://github.com/aleenzz/Cobalt_Strike_wiki
- https://github.com/l3m0n/pentest_study
- https://github.com/l3m0n/pentest_tools
- https://github.com/l3m0n/linux_information
wpad/pac
- https://github.com/marx-yu/ProxyParser
- http://www.devnotes.in/2014/11/08/auto-proxy-settings-with-PAC.html
- http://www.lybbn.cn/data/datas.php?yw=76
- https://blog.huzhifeng.com/2017/07/16/PAC/
- https://github.com/manugarg/pacparser
javascript
js obfuscator/deobfuscator
- https://beautifier.io/
- https://tool.lu/js/
- https://www.52pojie.cn/thread-128803-1-1.html
- http://www.kahusecurity.com/2011/javascript-deobfuscation-tools-part-1/
- http://www.kahusecurity.com/2011/javascript-deobfucation-tools-part-2/
- http://deobfuscatejavascript.com/
- http://js.pnote.net/#/js
js reverse engine
- https://blog.csdn.net/weixin_43189702/article/details/103171967
- https://github.com/xianyucoder/Crack-JS
- https://github.com/freedom-wy/js-reverse
- https://github.com/maxnoodles/js_decrypt
- https://github.com/DingZaiHub/PythonSpider
decompiler
encryption/decryption tools
english
downloader
python
- https://github.com/wistbean/learn_python3_spider
- https://github.com/Kr1s77/awesome-python-login-model
- https://github.com/Kr1s77/Python-crawler-tutorial-starts-from-zero
- https://github.com/jackfrued/Python-100-Days
golang
puppeteer
- https://github.com/GoogleChrome/puppeteer/blob/v1.20.0/docs/api.md
- https://zhaoqize.github.io/puppeteer-api-zh_CN
- https://github.com/csbun/thal
- https://www.yuque.com/imhelloworld/share-day/no8xoc
- https://blog.csdn.net/qupan1993/article/details/85371556
- https://www.php.cn/js-tutorial-399252.html
java
- http://www.52im.net/thread-28-1-1.html (beautyeye GUI)
- https://github.com/JackJiang2011/beautyeye (beautyeye GUI)
- https://blog.csdn.net/pinlantu/article/details/83957672
android
- https://qmuiteam.com/android
- https://github.com/FadedYu/Framework_Android
- https://blog.csdn.net/aqi00/article/details/50012511
- https://github.com/xuexiangjys/XUI (UI)
- https://github.com/joinAero/AndroidWebServ
- https://github.com/lopspower/AndroidWebServer
- https://clean-apps.github.io/CleanSCAN/
- https://github.com/devinhu/androidone
- https://github.com/shishuo365/PinyinIME
- https://github.com/angcyo/RJcenter (Common lib)
- https://github.com/ChenLittlePing/LearningVideo (FFmpeg)
- https://github.com/AriesHoo/FastLib
- https://github.com/devinhu/androidone
- https://github.com/afkT/DevUtils
- https://github.com/smuyyh/CommonLibary
- https://github.com/frodoking/App-Architecture
- https://github.com/ddnosh/AndroidQuick
- https://github.com/fly803/BaseProject
- https://blog.csdn.net/fukaimei/category_7160796.html
- https://github.com/chenyufeng1991/BaiduMap-TrafficAssistant
- https://github.com/naivor/naivorapp
- https://github.com/u014427391/elemeimitate (ele)
- https://github.com/leavesC/AndroidAllGuide
- https://github.com/lzan13/VMChat
- https://github.com/open-android/hellocharts-android
- https://github.com/sps135/wechatbysimple
- https://github.com/smart005/okandroid
- https://github.com/decadezuo/DZAgile
- https://github.com/jiankian/AnnZone
- https://github.com/xiaojigou/XJGARSDKDemoApp-Android
- https://github.com/mCyp/Orient-Ui
- https://github.com/xuexiangjys/XUpdate (Update)
- https://github.com/onestravel/playSound (fmod)
- https://github.com/onestravel/QQVoiceChange (fmod)
- https://github.com/virjar/zelda
android reverse engine
- https://github.com/Efaker/FakerAndroid
- https://github.com/zhangke3016/VirtualUETool
- https://github.com/r0ysue/AndroidSecurityStudy
- https://github.com/JesusFreke/smali
- https://bitbucket.org/JesusFreke/smali
- https://github.com/pxb1988/dex2jar
- https://github.com/java-decompiler/jd-gui
- https://github.com/skylot/jadx
- https://github.com/Konloch/bytecode-viewer
- https://github.com/MobSF/Mobile-Security-Framework-MobSF
xposed
Frida
library
awesome-windows-kernel-security-development
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].