Pinned Repositories
CustomKeyboardLayoutPersistence
Achieve execution using a custom keyboard layout
FLARE-ON-9_INTERESTING
Malware-RE-papers
Here are some of my malware reversing papers that I will be publishing
Mergen
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
NlsCodeInjectionThroughRegistry
DLL injection through code page ID modification in registry. Based on jonas lykk research
NtQuerySystemInformation
Config files for my GitHub profile.
RelocBonus
An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
ReversingExperiments
Tooling created for reverse engineering malware.
NtQuerySystemInformation's Repositories
NtQuerySystemInformation/CustomKeyboardLayoutPersistence
Achieve execution using a custom keyboard layout
NtQuerySystemInformation/NlsCodeInjectionThroughRegistry
DLL injection through code page ID modification in registry. Based on jonas lykk research
NtQuerySystemInformation/Malware-RE-papers
Here are some of my malware reversing papers that I will be publishing
NtQuerySystemInformation/RelocBonus
An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
NtQuerySystemInformation/FLARE-ON-9_INTERESTING
NtQuerySystemInformation/ReversingExperiments
Tooling created for reverse engineering malware.
NtQuerySystemInformation/Mergen
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
NtQuerySystemInformation/NtQuerySystemInformation
Config files for my GitHub profile.
NtQuerySystemInformation/C-TempTestsJonas
NtQuerySystemInformation/AutomataMP
NieR: Automata Multiplayer Mod
NtQuerySystemInformation/BO1ModLoader
ModLoad for testing potential race condition.
NtQuerySystemInformation/CarbanakRE
Looking at the source
NtQuerySystemInformation/exploitkitpub
NtQuerySystemInformation/flare-ida
IDA Pro utilities from FLARE team
NtQuerySystemInformation/github-pages-with-jekyll
NtQuerySystemInformation/HexRaysPyTools
IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
NtQuerySystemInformation/idaplugins-list
A list of IDA Plugins
NtQuerySystemInformation/Lab-Notes
Code snips and notes
NtQuerySystemInformation/libpeconv
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
NtQuerySystemInformation/Miscellaneous
Small programs and scripts that do not require their own repositories
NtQuerySystemInformation/NtQuerySystemInformation.github.io
weird website.
NtQuerySystemInformation/pe_unmapper
Small tool to convert between the PE alignments (raw and virtual).
NtQuerySystemInformation/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
NtQuerySystemInformation/ReversingResources
Personal articles/websites/books that I look at for certain topics related to reversing malware and windows related topics.
NtQuerySystemInformation/RITSEC-CTF-2019
Repo to archive the 2019 RITSEC CTF Challenges & Documentation
NtQuerySystemInformation/TicklingVMProtect
NtQuerySystemInformation/VC-LTL5
Shared to msvcrt.dll or ucrtbase.dll and optimize the C/C++ application file size.
NtQuerySystemInformation/VMProtect-devirtualization
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
NtQuerySystemInformation/wpp
Intercepting DeviceControl via WPP