Pinned Repositories
-
Learning Windows kernel driver programming
al-khvm-
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Anti-Debugging
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Anti-VM
Windows-based implementation of several anti-VM techniques used in malware development.
BadCode
Malicious code evasion source code http://payloads.online
BestEdrOfTheMarket
Little user-mode AV/EDR evasion lab for training & learning purposes
Blackbone
Windows memory hacking library
book
리버싱 핵심원리 (Reversing Core Principles) - source code and practice examples
EtwHookDbg
WindowsExploitationResources
Resources for Windows exploit development
10010100111000's Repositories
10010100111000/EtwHookDbg
10010100111000/WindowsExploitationResources
Resources for Windows exploit development
10010100111000/al-khvm-
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
10010100111000/Anti-Debugging
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
10010100111000/Anti-VM
Windows-based implementation of several anti-VM techniques used in malware development.
10010100111000/BadCode
Malicious code evasion source code http://payloads.online
10010100111000/BestEdrOfTheMarket
Little user-mode AV/EDR evasion lab for training & learning purposes
10010100111000/Blackbone
Windows memory hacking library
10010100111000/dirver_learn_-
10010100111000/DMA
Direct Memory Access (DMA) Attack Software
10010100111000/Hands-On-Network-Programming-with-C
Code for Lewis Van Winkle's book on hands-on network programming with C
10010100111000/HandyScreenshot
Screenshot software developed in C#/WPF.
10010100111000/KasperskyHook
Hook system calls on Windows by using Kaspersky's hypervisor
10010100111000/KDP-compatible-driver-loader
KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
10010100111000/kernel_window_hide
Hide a specified window at the kernel level
10010100111000/PE-
10010100111000/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
10010100111000/sdk-api
Public contributions for win32 API documentation
10010100111000/SetThreadContextCall
Remote set thread context call any function
10010100111000/Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
10010100111000/SuperSocket
SuperSocket is a lightweight, cross-platform and extensible socket server application framework.
10010100111000/TestVVT
10010100111000/VmWareThrough
10010100111000/VX-API
Collection of various malicious functionality to aid in malware development
10010100111000/WinArk
Windows Anti-Rootkit Tool
10010100111000/windows-
The Windows Kernel Programming book samples
10010100111000/windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
10010100111000/Windows-driver-samples
This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
10010100111000/WindowsKernelBook
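《Windows 内核安全编程技术实践》 (Windows Kernel Security Programming Techniques in Practice) is a book completed on March 4, 2023 and first published on March 6; the copyright holder is Wang Rui. Richly illustrated, accessible and full of case studies, it is a reference for Windows kernel development engineers and can also be used for study by undergraduate and higher-level students in information security, software engineering and related fields. It is one of the few books in recent years to reveal the implementation details of AntiRootkit anti-kernel tools.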
10010100111000/WubbabooMark
Debugger Anti-Detection Benchmark