archercreat

archercreat's Stars

• microsoft/MS-DOS

  The original sources of MS-DOS 1.25, 2.0, and 4.0 for reference purposes

  Language:Assembly30.7k74704.4k

• uxmal/reko

  Reko is a binary decompiler.

  Language:C#2.2k76636253

• googleprojectzero/sandbox-attacksurface-analysis-tools

  Set of tools to analyze Windows sandboxes for exposed attack surface.

  Language:C#2.1k12035433

• herumi/xbyak

  A JIT assembler for x86/x64 architectures supporting MMX, SSE (1-4), AVX (1-2, 512), FPU, APX, and AVX10.2

  Language:C++2k11594278

• google/UIforETW

  User interface for recording and managing ETW traces

  Language:C++1.6k95105201

• FULLSHADE/WindowsExploitationResources

  Resources for Windows exploit development

  1.5k533318

• marin-m/vmlinux-to-elf

  A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)

  Language:Python1.3k3043129

• tyranid/oleviewdotnet

  A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container

  Language:C#1.1k5434183

• StanfordPL/stoke

  STOKE: A stochastic superoptimizer and program synthesizer

  Language:C++7403999975

• microsoft/WinDbg-Samples

  Sample extensions, scripts, and API uses for WinDbg.

  Language:C++7195834120

• 0x36/Pixel_GPU_Exploit

  Android 14 kernel exploit for Pixel7/8 Pro

  Language:C++46210769

• NaC-L/Mergen

  Deobfuscation via optimization with usage of LLVM IR and parsing assembly.

  Language:C++357151937

• ionescu007/Simpleator

  Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".

  Language:C++33533652

• emproof-com/nyxstone

  Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com

  Language:C++31793016

• KVM-VMI/kvm-vmi

  KVM-based Virtual Machine Introspection

  Language:Jinja310247960

• fjqisba/VmpHelper

  an ida plugin used to decompile vmp

  Language:C++29710571

• SamuelTulach/negativespoofer

  PoC HWID spoofer that runs in EFI

  Language:C++272161071

• myfreeer/7z-build-nsis

  7-zip build and package script with nsis script decompiling using ms visual studio

  Language:Batchfile238163243

• can1357/selene

  Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!

  Language:C++2356321

• ergrelet/themida-unmutate

  Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.

  Language:Python2205517

• thesecretclub/riscy-business

  RISC-V Virtual Machine

  Language:C1968112

• unixfreak0037/officeparser

  Extract embedded files and macros from office documents.

  Language:Python177141260

• jonomango/nohv

  Kernel driver for detecting Intel VT-x hypervisors.

  Language:C++1705128

• mebeim/linux-syscalls

  🌐🐧 Browsable linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)

  Language:JavaScript146608

• isra17/nrs

  NSIS Reversing Suite with IDA Plugins

  Language:Python10114619

• ergrelet/themida-spotter-bn

  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.

  Language:C++71537

• can1357/xstd

  A portable header only library extending the C++20 STL.

  Language:C++68606

• BeneficialCode/KReClassEx

  Kernel ReClassEx

  Language:C++61105

• adutilleul/tigress-deobfuscation

  A documentation of several Tigress obfuscation passes and an attempt to simplify Mixed Boolean-Arithmetic (MBA) expressions.

  Language:F#21202

• can1357/xedpp

  Tiny wrapper around xed API.

  Language:C++8102