kkent030315 / Van1338
A journal for $6,000 Riot Vanguard bounty.
☆57Updated 11 months ago
Related projects: ⓘ
- Makes IDA (most versions) to crash upon opening it.☆52Updated 3 weeks ago
- Report and exploit of CVE-2024-21305.☆29Updated 8 months ago
- An x64dbg plugin which helps make sense of long C++ symbols☆58Updated last year
- Report and exploit of CVE-2023-36427☆86Updated 9 months ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated last year
- Finding Truth in the Shadows☆81Updated last year
- Hook all callbacks which are registered with LdrRegisterDllNotification☆79Updated last year
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆31Updated last year
- Abusing exceptions for code execution.☆104Updated last year
- Detours implementation (x64/x86) which used only ntdll import☆85Updated 3 months ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware☆45Updated 2 years ago
- LPE exploit for CVE-2023-36802☆21Updated 11 months ago
- uefi diskless persistence technique + OVMF secureboot bypass☆50Updated 4 months ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆91Updated last year
- ☆96Updated 2 years ago
- ☆25Updated 10 months ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆81Updated 2 years ago
- devirtualization vmprotect☆59Updated last year
- Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers☆35Updated this week
- ☆56Updated 2 years ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆101Updated 3 weeks ago
- windows rootkit☆50Updated 4 months ago
- ☆75Updated 3 months ago
- IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…☆101Updated 2 weeks ago
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆84Updated last month
- Me fockin' pe protector☆45Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆46Updated last year
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆100Updated last year
- A minimalistic logger for Windows Kernel Drivers.☆20Updated 6 months ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆62Updated last month