Alternatives and similar repositories for writeups

Users that are interested in writeups are comparing it to the libraries listed below

• BehroozAbbassi / DriverAnalyzer
  A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers…
  ☆71Updated 4 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆35Updated 2 months ago
• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆99Updated 5 years ago
• h0mbre / Windows-Exploits
  ☆90Updated 5 years ago
• msuiche / smbaloo
  ☆48Updated 5 years ago
• 0vercl0k / CVE-2021-32537
  PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.
  ☆57Updated 4 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆74Updated 2 years ago
• Truneski / WindowsKernelProgramming-Exercises
  ☆51Updated 5 years ago
• yardenshafir / conference_talks
  Slides from various conference talks
  ☆37Updated 2 years ago
• IOActive / kmdf_re
  Helper idapython code for reversing kmdf drivers
  ☆74Updated 3 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆49Updated 5 years ago
• thebabush / dumb-obfuscator
  Tutorial on how to write the dumbest obfuscator I could think of.
  ☆178Updated 5 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆37Updated 4 years ago
• redplait / pexphide
  PoC for hiding PE exports
  ☆67Updated 5 years ago
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆63Updated last year
• EgeBalci / IAT_API
  Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
  ☆78Updated 2 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆124Updated 5 years ago
• DownWithUp / DynamicKernelShellcode
  An example of how x64 kernel shellcode can dynamically find and use APIs
  ☆104Updated 5 years ago
• d00rt / ebfuscator
  Ebfuscator: Abusing system errors for binary obfuscation
  ☆52Updated 5 years ago
• h311d1n3r / HellTracer
  A Linux x86/x86-64 tool to trace registers and memory regions.
  ☆40Updated 3 years ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆113Updated 2 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆98Updated 3 years ago
• BehroozAbbassi / sdkffi
  A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.
  ☆94Updated 3 years ago
• ohjeongwook / windows_sdk_data
  Windows API listing in JSON format - generated from SDK headers + SDK API documentation
  ☆66Updated 5 years ago
• DownWithUp / CVE-Stockpile
  Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
  ☆49Updated 5 years ago
• 0vercl0k / symbolizer
  A fast execution trace symbolizer for Windows.
  ☆129Updated last year
• NtRaiseHardError / Kaiser
  Fileless persistence, attacks and anti-forensic capabilties.
  ☆93Updated 7 years ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆42Updated 10 years ago
• EliseZeroTwo / SEH-Helper
  Binary Ninja plugin for exploring Structured Exception Handlers
  ☆82Updated last year