Stars
Slides & Hands-on for the reverse engineering workshop
Disable PatchGuard and Driver Signature Enforcement at boot time
Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary process.
TTexplore is a library that performs path exploration on binary code using symbolic execution
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
A standalone DLL that exports databases in cleartext once injected in the KeePass process.
Collection of various malicious functionality to aid in malware development
Toolkit to emulate firmware and analyse it for security vulnerabilities
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
RedGuard is a C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check.
PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
IDA plugin for UEFI firmware analysis and reverse engineering automation
Monitoring and controlling kernel API calls with stealth hook using EPT
Arsenal is just a quick inventory and launcher for hacking programs
My musings with PowerShell
A lightweight LLVM python binding for writing JIT compilers
A True Instrumentable Binary Emulation Framework