Directoree's Stars
antiwar3/py
飘云 ARK (pyark)
lracker/MyArk
An ARK tool modelled on PCHunter
ClownQq/YDArk
A small x64 kernel tool
vxcute/WindowsInternals
Yet another windows internals repo
FiYHer/driver_callback_bypass_1909
Researching and removing various kernel callbacks; going further and further down the anti-anti-cheat road
DarthTon/Blackbone
Windows memory hacking library
can1357/ByePg
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
0xcpu/ExecutiveCallbackObjects
Research on Windows Kernel Executive Callback Objects
stuxnet147/InfinityHookPro
InfinityHookPro Win7 -> Win11 latest
armasm/EasyAntiPatchGuard
Easy Anti PatchGuard
killvxk/DisableWin10PatchguardPoc
pseudo-code to show how to disable patchguard with win10
Mattiwatti/EfiGuard
Disable PatchGuard and Driver Signature Enforcement at boot time
everdox/InfinityHook
Hook system calls, context switches, page faults and more.
NationalSecurityAgency/ghidra
Ghidra is a software reverse engineering (SRE) framework
bootleg/ret-sync
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References
List of Awesome Advanced Windows Exploitation References
0vercl0k/wtf
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).
x64dbg/x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Saturn35/Papers-PDFs
Some papers that I have read and been inspired by, just shared and not classified. The copyright belongs to each original author.
binbibi/CallbackEx
Demo: list CM/PS/OB/minifilter callbacks and patch/bypass them
OSRDrivers/kmexts
Simple driver to register all available process, thread, image, Registry, and Object callbacks
ExpLife0011/KeUserModeCallBack
A Simple Example
hacksysteam/HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
corkami/pics
File formats dissections and more...
ExpLife0011/awesome-windows-kernel-security-development
windows kernel security development
volatilityfoundation/volatility
An advanced memory forensics framework
romanking98/House-Of-Roman
RCE through Leakless HeapFengShui, fastbin alloc anywhere.
cbwang505/poolfengshui
The author has done secondary development on the original author's pool feng shui exploitation tool (hereafter "the tool"), adding fully automatic retrieval of kernel debug-module symbol offsets and configuration parameters, optimisations for different exploitation methods, and other features, and resolving adaptation issues across Windows versions. The tool consists of two parts, an adapter driver and an exploitation program, and achieves stable exploitation on any version after Windows 10 19H1, including fully patched systems.
SecWiki/windows-kernel-exploits
windows-kernel-exploits: a collection of Windows privilege-escalation vulnerabilities
yelog/hexo-theme-3-hexo
Hexo theme: three-section design, minimalist, convenient