Pinned Repositories
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Alcatraz
x64 binary obfuscator
awesome-windows-kernel-security-development
Windows kernel security development
Blackbone
Windows memory hacking library
bochspwn
A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT
HookLib
A function interception library written in pure C and NativeAPI with UserMode and KernelMode support
HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
kvm-guest-drivers-windows
Windows paravirtualized
VMProtect
VMProtect Leaked Source Code
BestForever's Repositories
BestForever/VMProtect
VMProtect Leaked Source Code
BestForever/Alcatraz
x64 binary obfuscator
BestForever/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
BestForever/awesome-windows-kernel-security-development
Windows kernel security development
BestForever/Blackbone
Windows memory hacking library
BestForever/bochspwn
A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
BestForever/DdiMon
Monitoring and controlling kernel API calls with stealth hook using EPT
BestForever/HookLib
A function interception library written in pure C and NativeAPI with UserMode and KernelMode support
BestForever/HyperPlatform
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
BestForever/kvm-guest-drivers-windows
Windows paravirtualized
BestForever/nginx
An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
BestForever/OpenArk
OpenArk is an open source anti-rootkit (ARK) tool for Windows.
BestForever/sdk
BinaryAI Python SDK
BestForever/Self-Remapping-Code
This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
BestForever/Shark
Turn off PatchGuard in real time for win7 (7600) ~ win10 (17763).
BestForever/ShellcodeCompiler
Shellcode Compiler
BestForever/ShellCodeFramework
Shellcode antivirus-evasion framework for bypassing ring 3
BestForever/SimpleRemoter
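A remote controller based on gh0st: implements terminal management, process management, window management, remote desktop, file management, audio management, video management, service management, registry management and other functions. All code has been optimized and its formatting tidied, memory-leak defects have been fixed, and the program runs stably. The project code is for learning and exchange purposes only.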
BestForever/SPiCall
Yet another Windows syscall library
BestForever/ThreadSpy
BestForever/unicorn_pe
Unicorn PE is a Unicorn-based instrumentation project designed to emulate code execution for Windows PE files.
BestForever/WinDDK
The Microsoft® Windows Server™ 2003 Service Pack 1 (SP1) Driver Development Kit (DDK) provides a driver development environment for Windows Server 2003, Windows® XP, and Windows 2000. The DDK provides additional driver-specific headers, libraries, sources, tools, and documentation that are used to develop drivers for Windows Server 2003 SP1.
BestForever/WRK
The Windows Research Kernel v1.2 contains the sources for the core of the Windows (NTOS) kernel and a build environment for a kernel that will run on x86 (Windows Server 2003 Service Pack 1) and AMD64 (Windows XP x64 Professional)
BestForever/xorstr
Heavily vectorized C++17 compile-time string encryption.