Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

exploit termdd.sys(support kb4499175)

ClanLib is a cross platform C++ toolkit library.

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most p…

Google Chrome for Windows 7 (cracklab)

adb for Windows

BINSEC binary-level open-source platform

An anti detection version frida-server for android.

PE bin2bin obfuscator

alternative smm driver for ryzen motherboards

Yet another llvm based obfuscator based on goron.

A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64(CVE-2023-44976).

A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level security.

IDA plugin which queries Local language models to speed up reverse-engineering

Load your driver like win32k.sys

A V2Ray client for Android, builtin lots of available servers, 安卓小火箭官方库，内置大量免费节点，欢迎下载体验。

模仿着写一个 chrome 插件，用来快速调试前端 js 代码。

C# Kernel Mode Driver to read and write memory in protected processes

Exploitable drivers, you know what I mean

x64 Dynamic Reverse Engineering Toolkit

Bypassing PatchGuard on modern x64 systems

Inline syscalls made for MSVC supporting x64 and x86

Recursive and arbitrary code execution at kernel-level without a system thread creation

Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unauthorized modifications to the Windows kernel. The analysis is…

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting infor…

Dynamically generated obfuscated jumps and/or function calls

Allocate memory in the kernel & r/w control registers with a vulnerable driver.