Pinned Repositories
30dayMakeOS
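Chinese edition of the source code for the book "30 Days to Build Your Own Operating System". The process of building an operating system (OSASK) yourself.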
996.ICU
Repo for counting stars and contributing. Press F to pay respect to glorious developers.
Ablation
Ablation is a tool for augmenting static analysis by extracting information at runtime, and importing it into IDA. It can resolve virtual calls, reveal interesting code, exclude heavily traversed regions, identify untested or undocumented features, visually diff samples, or perform root cause analysis simply by running samples. My favourite however is the virtual call resolution with fully interactive x-refs. It's simple, elegant, and disassembled C++ reads like C! It helps me time and time again.
AcpiTool-1
Detect or invoke ACPI methods on Windows systems.
lkvm
Native Linux KVM Tool
minix
Official MINIX sources - Automatically replicated from gerrit.minix3.org
NoVmp
Static devirtualizer for VMProtect x64 3.x. powered by VTIL.
os
Minoca operating system
RakNet
RakNet is a cross platform, open source, C++ networking engine for game programmers.
ShellCodeFramwork
ShellCode framework, developed in C++, that makes writing ShellCode easier.
0xhellord's Repositories
0xhellord/NoVmp
Static devirtualizer for VMProtect x64 3.x. powered by VTIL.
0xhellord/btrfs
WinBtrfs - an open-source btrfs driver for Windows
0xhellord/cheat-engine
Cheat Engine. A development environment focused on modding
0xhellord/DetoursX
Kernel-Mode extended version of https://github.com/microsoft/Detours
0xhellord/dpt-shell
An implementation of an Android function-extraction packer (shell).
0xhellord/findcrypt-yara
IDA pro plugin to find crypto constants (and more)
0xhellord/glorytun
Multipath UDP tunnel
0xhellord/HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Windows Driver
0xhellord/hide_execute_memory
Hide executable memory
0xhellord/IddSampleDriver
Add virtual monitors to your windows 10 device! Works with Oculus software, obs, and any desktop sharing software
0xhellord/InfinityHookPro
InfinityHookPro Win7 -> Win11 latest
0xhellord/kernel_window_hide
Hide a specified window at the kernel level
0xhellord/libpeconv
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
0xhellord/llvmanalyzer
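Building on retdec, an open-source decompiler based on the LLVM compiler architecture, the author integrated the klee symbolic execution tool. A symbolic execution engine dynamically simulates the decompiled LLVM IR (intermediate representation) to run the source program, instrumenting every reference that x86 thiscall-type functions make to offsets within the this-pointer structure (that is, the rcx register, "this structure" for short). After analysis and aggregation, it automatically identifies the concrete contents of the this structure and imports them into IDA to assist analysis.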
0xhellord/MiniVisorPkg
The research UEFI hypervisor that supports booting an operating system.
0xhellord/NimGetSyscallStub
Get fresh Syscalls from a fresh ntdll.dll copy
0xhellord/NoScreen
Hiding the window from screenshots using the function win32kfull::ChangeWindowTreeProtection
0xhellord/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
0xhellord/OpenDiskless
Open Source Diskless Solution
0xhellord/ProcMonXv2
Process Monitor X v2
0xhellord/quibble
Quibble - the custom Windows bootloader
0xhellord/Reverse-Engineering-1
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
0xhellord/Sandboxie
Sandboxie - Open Source
0xhellord/SystemExplorer
Windows System Explorer
0xhellord/Tigress_protection
Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
0xhellord/tiny_tracer
A Pin Tool for tracing API calls etc
0xhellord/ucxxrt
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
0xhellord/WinDbg-Samples
Sample extensions, scripts, and API uses for WinDbg.
0xhellord/windowskernelprogrammingbook2e
Samples for the book Windows Kernel Programming, 2nd edition
0xhellord/winnie
Winnie is an end-to-end system that makes fuzzing Windows applications easy