ufrisk / presentations

Related projects: ⓘ

• ainfosec / ecr_toolkit
  ☆27Updated 6 years ago
• depletionmode / wsIPC
  Working Set Page Cache side-channel IPC PoC
  ☆66Updated 5 years ago
• secrary / findLoop
  findLoop - find possible encryption/decryption or compression/decompression code
  ☆25Updated 5 years ago
• Sentinel-One / SKREAM
  SentinelOne's KeRnel Exploits Advanced Mitigations
  ☆50Updated 5 years ago
• mavlevin / DisableDynamicLoadAddress
  Patch a Windows PE (.exe, .dll, etc..) so it no longer loads with a random dynamic base. Saves changing breakpoint addresses between debu…
  ☆15Updated 4 years ago
• mit-ll / LO-PHI
  Low-Observable Physical Host Instrumentation: A suite of tools supporting introspection and semantic gap reconstruction for both physical…
  ☆28Updated 8 years ago
• bootkitsbook / fwimplants
  ☆33Updated 3 years ago
• 86hh / MAGIK.A
  ☆11Updated this week
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆44Updated 6 years ago
• nccgroup / ICPin
  An Integrity-Check Monitoring Pintool
  ☆56Updated 3 years ago
• kukfa / bindbg
  Binary Ninja plugin that syncs WinDbg to Binary Ninja
  ☆47Updated 6 years ago
• revolver-ocelot-saa / GhidraX64Dbg
  Extract annoations from Ghidra into an X32/X64 dbg database
  ☆56Updated 3 years ago
• bootkitsbook / bootkits
  ☆60Updated 5 years ago
• codingtest / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆27Updated 6 years ago
• GitMirar / meltdown-poc
  A PoC implementation of the meltdown attack described in https://meltdownattack.com/meltdown.pdf
  ☆134Updated 6 years ago
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆25Updated 6 years ago
• thunderclap-io / thunderclap-qemu
  Thunderclap QEMU-based network card emulation
  ☆25Updated last year
• Cisco-Talos / FIRST-server
  ☆32Updated 3 months ago
• Winbagility / Winbagility
  [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;
  ☆72Updated 5 years ago
• marcusbotacin / Anti.Analysis
  Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis
  ☆43Updated 7 years ago
• rcanzanese / SystemCallService
  Process / thread-level system call tracer for Windows 7 / 8 / 2008 / 2012
  ☆20Updated 9 years ago
• embedi / meitools
  ☆38Updated this week
• aguinet / miasm-bootloader
  x86 bootloader emulation with Miasm (case of NotPetya)
  ☆40Updated 5 years ago
• Fmk0 / templates
  ☆36Updated 4 years ago
• 86hh / POC-viruses
  POC viruses I have created to demo some ideas
  ☆58Updated 4 years ago
• zodiacon / InterceptionDemo
  Sample showing the use of CoGetInterceptor
  ☆21Updated 3 years ago
• BjornRuytenberg / spiblock
  Configure SPI flash write protection.
  ☆23Updated 4 years ago
• mgrube / DragonKing
  Open Source Rootkit
  ☆21Updated 7 years ago
• tekwizz123 / HEVD-Exploit-Solutions
  Solutions to HackSysExtremeVulnerableDriver challenges though my following of @FuzzySecurity's tutorials plus futher explanations where n…
  ☆21Updated 7 years ago
• Prevenity / malware_monitor
  Malware monitor template based on MinHook
  ☆16Updated 9 years ago