Pinned Repositories
35C3_Modern_Windows_Userspace_Exploitation
Alcatraz
x64 binary obfuscator
angr
A powerful and user-friendly binary analysis platform!
APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
GameScriptingMastery
NoVmp
A static devirtualizer for VMProtect x64 3.x, powered by VTIL.
PintoolsExamples
VTIL-Core
Virtual-machine Translation Intermediate Language
windows-kernel-cve
WindowsKernelBook
Companion to the book series 《Windows 内核安全编程技术实践》 (Practice of Windows Kernel Security Programming Technology), which reveals the core principles and implementation details behind anti-rootkit kernel tools.
SionThanatos's Repositories
SionThanatos/WindowsKernelBook
Companion to the book series 《Windows 内核安全编程技术实践》 (Practice of Windows Kernel Security Programming Technology), which reveals the core principles and implementation details behind anti-rootkit kernel tools.
SionThanatos/awesome-symbolic-execution
A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
SionThanatos/VTIL-Core
Virtual-machine Translation Intermediate Language
SionThanatos/Black-Angel-Rootkit
Black Angel is a Windows 10/11 x64 kernel-mode rootkit. It can be loaded with Driver Signature Enforcement (DSE) enabled while keeping its full functionality.
SionThanatos/CVE-2023-27326
VM Escape for Parallels Desktop <18.1.1
SionThanatos/Doge-Gabh
Go implementations of GetProcAddressByHash, remapping, full DLL unhooking, Tartarus' Gate, Spoofing Gate, universal, Perun's Fart, EGG, RecycledGate, SysWhispers and RefleXXion.
SionThanatos/ebpf-for-windows
eBPF implementation that runs on top of Windows
SionThanatos/getsymbol
A simple tool for reverse engineers that downloads debugging symbols from the Microsoft, Google, Mozilla and Citrix symbol servers; compatible with Windows 8.1, 10 and 11.
SionThanatos/hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
SionThanatos/iMonitor
iMonitor (冰镜, "Ice Mirror": an endpoint behaviour analysis system)
SionThanatos/LIEF
LIEF - Library to Instrument Executable Formats
SionThanatos/llvm-msvc
Forked LLVM focused on MSVC Compatibility
SionThanatos/LyScript
A powerful automation and disassembly-control module developed for x64dbg that speeds up reverse-engineering analysis.
SionThanatos/MagiskOnWSALocal
Integrate Magisk root and Google Apps into WSA (Windows Subsystem for Android)
SionThanatos/MSRC-Security-Research
Security Research from the Microsoft Security Response Center (MSRC)
SionThanatos/NoVmpy
SionThanatos/ntqueueapcthreadex-ntdll-gadget-injection
A novel use of NtQueueApcThreadEx for stealthy code injection: the ApcRoutine and SystemArgument[0-3] parameters are abused by passing an arbitrary `pop r32; ret` gadget as the APC routine.
SionThanatos/pcileech
Direct Memory Access (DMA) Attack Software
SionThanatos/pinduoduo_backdoor
Analysis of the privilege-escalation code embedded in the Pinduoduo APK and of its dynamically delivered DEX payloads.
SionThanatos/query-pdb
query-pdb is server-side software for parsing PDB files; it exposes an online PDB parsing service.
SionThanatos/reverse-engineering-workshop
Slides & Hands-on for the reverse engineering workshop
SionThanatos/rt-thread
RT-Thread is an open source IoT real-time operating system (RTOS).
SionThanatos/SyscallTables
Windows NT x64 Syscall tables
SionThanatos/ThePerfectInjector
Literally, the perfect injector.
SionThanatos/ucxxrt
The Universal C++ RunTime library, which brings C++ exception handling and the STL to kernel mode.
SionThanatos/video-virtual-memory-materials
Code and materials accompanying the video series 《关于编写 x64 Windows 10 驱动以了解虚拟内存这件事》 (On Writing x64 Windows 10 Drivers to Understand Virtual Memory).
SionThanatos/VmWareThrough
SionThanatos/Win32_Offensive_Cheatsheet
Win32 and Kernel abusing techniques for pentesters
SionThanatos/Windows-Machine-Learning
Samples and Tools for Windows ML.
SionThanatos/Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768