Pinned Repositories
35C3_Modern_Windows_Userspace_Exploitation
Alcatraz
x64 binary obfuscator
angr
A powerful and user-friendly binary analysis platform!
APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
GameScriptingMastery
NoVmp
A static devirtualizer for VMProtect x64 3.x, powered by VTIL.
PintoolsExamples
VTIL-Core
Virtual-machine Translation Intermediate Language
windows-kernel-cve
WindowsKernelBook
The book series "Practice of Windows Kernel Security Programming Technology" (《Windows 内核安全编程技术实践》) reveals the core principles and technical implementation details of Anti-RootKit kernel tools.
SionThanatos's Repositories
SionThanatos/awesome-browser-exploit
awesome list of browser exploitation tutorials
SionThanatos/awesome-virtualization
Collection of resources about Virtualization
SionThanatos/BinAbsInspector
BinAbsInspector: Vulnerability Scanner for Binaries
SionThanatos/Blackbone
Windows memory hacking library
SionThanatos/CallStackSpoofer
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
SionThanatos/data
APTnotes data
SionThanatos/Dependencies
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
SionThanatos/DetoursX
Kernel-Mode extended version of https://github.com/microsoft/Detours
SionThanatos/GameServer
League Sandbox's Game Server
SionThanatos/HackSysExtremeVulnerableDriver
HackSys Extreme Vulnerable Windows Driver
SionThanatos/IoCs
indicators-of-compromise from published reports
SionThanatos/IoRingReadWritePrimitive
Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
SionThanatos/Kernel-Bridge
Windows kernel hacking framework, driver template, hypervisor and API written in C++
SionThanatos/Kernelhub
Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (privilege escalation vulnerability collection)
SionThanatos/lainTSX
WebGL implementation of the Serial Experiments Lain PSX game
SionThanatos/malware-research
Code written as part of our various malware investigations
SionThanatos/obfuscator
ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1, 10.x, 11.x, 12.x, 13.x, 14.x, swift-llvm-clang 5.0, swift-llvm-clang 5.5
SionThanatos/OpenArk
OpenArk is an open source anti-rootkit (ARK) tool for Windows.
SionThanatos/PoC
Proofs-of-concept
SionThanatos/PrintNightmare
SionThanatos/ret-sync
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
SionThanatos/rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries.
SionThanatos/SandboxBootkit
Bootkit for Windows Sandbox to disable DSE/PatchGuard.
SionThanatos/shellcode-factory
shellcode generation framework
SionThanatos/theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
SionThanatos/unicorn_pe
Unicorn PE is a Unicorn-based instrumentation project designed to emulate code execution for Windows PE files.
SionThanatos/VirtualKD-Redux
VirtualKD-Redux - A revival and modernization of VirtualKD
SionThanatos/VMProtect-devirtualization
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
SionThanatos/Windows-Non-Paged-Pool-Overflow-Exploitation
Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CVE-2020-17087 and an off-by-one overflow
SionThanatos/Zeratool
Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems