Stars
malwarezone / herpaderping
Forked from jxy-s/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
exploit termdd.sys (support kb4499175)
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most p…
Google Chrome for Windows 7 (cracklab)
An anti-detection version of frida-server for Android.
A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64 (CVE-2023-44976).
A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level security.
IDA plugin which queries Local language models to speed up reverse-engineering
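A V2Ray client for Android, with lots of available servers built in. Official Android "Little Rocket" repository with a large number of free nodes built in; you are welcome to download and try it.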
C# Kernel Mode Driver to read and write memory in protected processes
Exploitable drivers, you know what I mean
wbaby / ReverseKit
Forked from zer0condition/ReverseKit
x64 Dynamic Reverse Engineering Toolkit
wbaby / PatchGuardBypass
Forked from AdamOron/PatchGuardBypass
Bypassing PatchGuard on modern x64 systems
wbaby / inline-syscall
Forked from nbs32k/inline-syscall
Inline syscalls made for MSVC supporting x64 and x86
Recursive and arbitrary code execution at kernel-level without a system thread creation
Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unauthorized modifications to the Windows kernel. The analysis is…
wbaby / CloudPeler
Forked from zidansec/CloudPeler
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting infor…
Dynamically generated obfuscated jumps and/or function calls
wbaby / Windows-10-22H2-Vulnerable-driver-communication
Forked from gmh5225/Windows-10-22H2-Vulnerable-driver-communication
Allocate memory in the kernel & r/w control registers with a vulnerable driver.