kkent030315 / Van1338

Related projects: ⓘ

• Azvanzed / CVE-2024-44083
  Makes IDA (most versions) to crash upon opening it.
  ☆52Updated 3 weeks ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆29Updated 8 months ago
• m417z / x64dbg-symbol-tldr
  An x64dbg plugin which helps make sense of long C++ symbols
  ☆58Updated last year
• tandasat / CVE-2023-36427
  Report and exploit of CVE-2023-36427
  ☆86Updated 9 months ago
• alfarom256 / HPHardwareDiagnostics-PoC
  PoC exploit for HP Hardware Diagnostic's EtdSupp driver
  ☆50Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆81Updated last year
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆79Updated last year
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆31Updated last year
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆104Updated last year
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆85Updated 3 months ago
• eset / wslink-vm-analyzer
  WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware
  ☆45Updated 2 years ago
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆21Updated 11 months ago
• 3intermute / ramiel
  uefi diskless persistence technique + OVMF secureboot bypass
  ☆50Updated 4 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆91Updated last year
• rad9800 / VehApiResolve
  ☆96Updated 2 years ago
• hasherezade / flareon2023
  ☆25Updated 10 months ago
• VoidSec / ioctlpus
  IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).
  ☆81Updated 2 years ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆59Updated last year
• oberrich / phnt-rs
  Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers
  ☆35Updated this week
• alfarom256 / drivers_and_shit
  ☆56Updated 2 years ago
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆101Updated 3 weeks ago
• shaygitub / windows-rootkit
  windows rootkit
  ☆50Updated 4 months ago
• carlos-al / user-kernel-syscall-hook
  ☆75Updated 3 months ago
• KasperskyLab / hrtng
  IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…
  ☆101Updated 2 weeks ago
• 0vercl0k / symbolizer-rs
  A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.
  ☆84Updated last month
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated last year
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆46Updated last year
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆100Updated last year
• not-matthias / kernel-log-rs
  A minimalistic logger for Windows Kernel Drivers.
  ☆20Updated 6 months ago
• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆62Updated last month