Lifka

Lifka's Stars

• microsoft/MS-DOS

  The original sources of MS-DOS 1.25, 2.0, and 4.0 for reference purposes

  Language:Assembly30.9k74804.4k

• dotnet/runtime

  .NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.

  Language:C#15.6k46165k4.8k

• lucasg/Dependencies

  A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.

  Language:C#9.4k162225768

• HackTricks-wiki/hacktricks

  Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

  Language:CSS9.3k239952.7k

• microsoft/Windows-driver-samples

  This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.

  Language:C7.1k5815565k

• es3n1n/no-defender

  A slightly more fun way to disable windows defender + firewall. (through the WSC api)

  1.9k18711

• S3cur3Th1sSh1t/Amsi-Bypass-Powershell

  This repo contains some Amsi Bypass methods i found on different Blog Posts.

  1.8k353295

• Air14/HyperHide

  Hypervisor based anti anti debug plugin for x64dbg

  Language:C++1.3k3551304

• microsoft/krabsetw

  KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.

  Language:C++61640123154

• strivexjun/DriverInjectDll

  Using Driver Global Injection dll, it can hide DLL modules

  Language:C++5121710188

• redteamsocietegenerale/DLLirant

  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.

  Language:C#4819041

• darkoperator/Posh-SecMod

  PowerShell Module with Security cmdlets for security work

  Language:PowerShell43750687

• pathtofile/Sealighter

  Sysmon-Like research tool for ETW

  Language:C++34511841

• 0xda568/IconJector

  Unorthodox and stealthy way to inject a DLL into the explorer using icons

  Language:C++2964240

• sicaril/BaymaxTools

  BaymaxTools is a feature code extraction and search plug-in for x64dbg debugger. it is convenient to extract the signature of the specified instruction and the number of occurrences of the signature in the search module.

  296111147

• ionescu007/HookingNirvana

  Recon 2015 Presentation from Alex Ionescu

  Language:C23318160

• jsecurity101/TelemetrySource

  2279018

• repnz/etw-providers-docs

  Document ETW providers

  Language:C21813450

• zhuhuibeishadiao/ntoskrnl

  The Windows Research Kernel (WRK)

  Language:C18040246

• secrary/Hooking-via-InstrumentationCallback

  codes for my blog post: https://secrary.com/Random/InstrumentationCallback/

  Language:C++17215077

• jsecurity101/ETWInspector

  Language:C++1543016

• pathtofile/PPLRunner

  Run Processes as PPL with ELAM

  Language:C1536830

• 0xeb/WinTools

  A collection of free miscellaneous Windows tools

  Language:C#12611028

• zodiacon/sysrun

  Run any executable as SYSTEM account (no service required)

  Language:C++1259144

• Chainski/ForceAdmin

  Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

  Language:AutoIt980213

• not-wlan/instrumentation-callbacks

  based on https://github.com/secrary/Hooking-via-InstrumentationCallback

  Language:C++686024

• zacbrown/hiddentreasure-etw-demo

  Basic demo for Hidden Treasure talk.

  Language:C#49609

• hasherezade/shellc_encoder

  Standalone Metasploit-like XOR encoder for shellcode

  Language:C46102

• arsium/PEPatcher

  A PE information patcher.

  410

• VirusTotal/gti-use-cases

  Language:Python11101