DubheStar

DubheStar's Stars

• BlackSnufkin/BYOVD

  Some POCs for my BYOVD research and find some vulnerable drivers

  Language:Rust13124

• Idov31/Nidhogg

  Nidhogg is an all-in-one simple to use windows kernel rootkit.

  Language:C++1.8k267

• BigFaceCat2017/frida_ssl_logger

  ssl_logger based on frida

  Language:Python553146

• EvilBytecode/GoDefender

  Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

  Language:Go38941

• KurapicaBS/x64_tracer

  x64dbg conditional branches logger [Plugin]

  Language:C++6922

• qwqdanchun/ScreenShot-BOF

  Language:C397

• baiyies/ScreenshotBOFPlus

  Take a screenshot without injection for Cobalt Strike

  Language:C17511

• myzxcg/RealBlindingEDR

  Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

  Language:C++950174

• fjqisba/E-Decompiler

  用来辅助分析易语言程序的IDA插件

  Language:C++45678

• Kwansy98/ApiBreakpoint

  Api Breakpoint GUI plugin for x64dbg

  Language:C12031

• kevthehermit/RATDecoders

  Python Decoders for Common Remote Access Trojans

  Language:Python1.1k311

• hzqst/VmwareHardenedLoader

  Vmware Hardened VM detection mitigation loader (anti anti-vm)

  Language:C1.8k465

• classic130/VMProtect-Source

  Source of VMProtect (NOT OFFICIALLY)

  189411

• knownsec/shellcodeloader

  shellcodeloader

  Language:C++1.7k370

• yj94/BinarySpy

  一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.

  Language:Python42256

• luxbin/force-install-chrome-extension

  Force install own chrome extension on Chrome and Edge

  Language:Batchfile11

• andrewpmontgomery/chrome-extension-store

  Chrome Extension Store for Enterprise

  Language:JavaScript2

• joe-desimone/rep-research

  Language:Python689

• mike1k/VMPImportFixer

  Fix VMProtect Import Protection

  Language:C++32682

• drb-ra/C2IntelFeeds

  Automatically created C2 Feeds

  Language:REXX53347

• rainerzufalldererste/windows_x64_shellcode_template

  An easily modifiable shellcode template for Windows x64 written in C

  Language:C19729

• CryptoNickSoft/7z-SFX-Constructor

  Create 7z SFX archives

  639

• zer0condition/GDRVLoader

  Unsigned driver loader using CVE-2018-19320

  Language:C20555

• x64dbg/ScyllaHide

  Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

  Language:C++3.5k434

• VirtualAlllocEx/DEFCON-31-Syscalls-Workshop

  Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

  Language:C63693

• apkc/AV-EPP-EDR-Windows-API-Hooking-List

  Depending on the AV/EDR we will check which Windows APIs are hooked by the AV/EDR

  1

• zeroperil/HookDump

  Security product hook detection

  Language:C++31150

• jxpsx/AV-EDR-WIN32-API-Hooking-List

  Depending on the AV/EDR we will check which Windows APIs are hooked by the AV/EDR

  433

• KasperskyLab/Apihashes

  IDA Pro plugin for recognizing known hashes of API function names

  Language:Python8215

• damienvanrobaeys/WindowsSandbox_Explorer

  Windows Sandbox Explorer: a quick PowerShell way to modify the default Windows Sandbox

  Language:PowerShell122