Windows memory hacking library

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

Hook system calls, context switches, page faults and more.

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

Disable PatchGuard and Driver Signature Enforcement at boot time

Alternative Shellcode Execution Via Callbacks

A Dynamic Binary Instrumentation framework based on LLVM.

Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.

Monitoring and controlling kernel API calls with stealth hook using EPT

Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android

A memory scanning evasion technique

DLL scatter manual mapper

Pintool example and PoC for dynamic binary analysis

Some C++ example code to demonstrate how to perform code similarity searches using SimHashing.

Smashing The Browser: From Vulnerability Discovery To Exploit

TrueType and OpenType font fuzzing toolset

Integrate Ghidra's decompiler as an Ida plugin

idenLib - Library Function Identification [This project is not maintained anymore]

Windows - Weaponizing privileged file writes with the Update Session Orchestrator service

Fuzzer for Linux Kernel Drivers

Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS

PatchGuard Research

Automatically generate AV byte signatures from sets of similar binaries.

[yvm] low performance garbage-collectable jvm

Constraint solver based on coverage-guided fuzzing

Self-hosting binary instrumentation framework for security research

ScyllaHide for IDA7.5; ScyllaHide IDA7.5; It is a really niccccccce anti-anti-debug tool

Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/

A novel technique to hide code from debuggers & disassemblers