GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)

SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.

Windows KASLR bypass using prefetch side-channel

Kernel ReClassEx

Windows kernel hacking framework, driver template, hypervisor and API written on C++

BattlEye shellcodes tester

PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.

Unreal source explained, based on profilers.

This repository delves into the Enhanced Anti-Cheat (EAC) system, examining both the paid EAC and the free EOC versions. It offers comprehensive code resources and the EAC Software Development Kit …

UEFI shim loader

This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.

Reversing EasyAntiCheat.

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings

nmi stackwalking + module verification

Finding Truth in the Shadows

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

etw hook (syscall/infinity hook) compatible with the latest Windows version of PG

Small driver that uses alternative syscalls feature (the project is still under development).

IDA Plugin to automatically identify and set enums for standard functions

The original sources of MS-DOS 1.25, 2.0, and 4.0 for reference purposes

IDApython Scripts for Analyzing Golang Binaries

ELF file viewer/editor for Windows, Linux and MacOS.