Pinned Repositories
0cchext
0CCh Windbg extension
30dayMakeOS
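Chinese-language version of the source code for the book "Build Your Own Operating System in 30 Days" (30天自制操作系统). The process of building an operating system (OSASK) yourself.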
A-Protect
A-Protect Anti Rootkit Tool
access
Access without a real handle
AheadLib-x86-x64
Hijack DLL source code generator. Supports x86/x64.
Ark-tools
Project files and some demos for Windows Ark tools
Waterman178's Repositories
Waterman178/A-Protect
A-Protect Anti Rootkit Tool
Waterman178/Evasion-Tools
Anti-technique Codes, Detection of Anti-technique codes
Waterman178/findpg
Windbg extension to find PatchGuard pages
Waterman178/GDB-Python-Utils
A library for GDB (with python support), that adds useful functions to the standard 'gdb' library.
Waterman178/ida-consonance
Consonance, a dark color scheme for IDA.
Waterman178/IDA-VMware-GDB
Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub
Waterman178/IDASimulator
IDASimulator is a plugin that extends IDA's conditional breakpoint support, making it easy to augment / replace complex executable code inside a debugged process with Python code. Specifically, IDASimulator makes use of conditional breakpoints in the IDA debugger to hijack the execution flow of a process and invoke Python handler functions whenever particular code blocks are executed. With support for multiple target architectures, it handles details such as register initialization, memory allocation, pointers, function arguments and return values seamlessly and transparently, making it easy to replace, modify and subvert existing functionality (or lack thereof) in the target process. IDASimulator also includes the IDASim python module, on which IDASimulator is based. This allows for all of the features of IDASimulator to be integrated into more complex IDAPython scripts. IDASimulator currently supports the x86, x86_64, ARM and MIPS32 architectures. Porting to other architectures is very easy.
Waterman178/pcmanager
Open-source code of 金山卫士 (Kingsoft PC Manager). Synced from the Hg source. Mirrored to GitHub for easier viewing and study.
Waterman178/processhacker_2.33
Fork of 2.33; changes white backgrounds to the current Windows color scheme
Waterman178/PTBypass-PoC
Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
Waterman178/REBoot
Bootkits Revisited
Waterman178/Simrep
Windows kernel file redirection
Waterman178/VirtualDeobfuscator
Reverse engineering tool for virtualization wrappers
Waterman178/vulnwindrv
Vulnerable Windows driver with exploits that were used for demonstration purposes in the "Hunting and exploiting bugs in kernel drivers" presentation at the Hacktivity 2012 conference