cr-0w's Stars
Kudaes/EPI
Threadless Process Injection through entry point hijacking
mytechnotalent/Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.
y11en/PEBFake
PEBFake (modifies the PEB to disguise the current process's path, arguments, etc.)
aaaddress1/masqueradeCmdline
A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
3intermute/arm64_silent_syscall_hook
silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
ZeroMemoryEx/Blackout
kill anti-malware protected processes (BYOVD) (Microsoft Won)
Captainarash/The_Holy_Book_of_X86
A simple guide to x86 architecture, assembly, memory management, paging, segmentation, SMM, BIOS....
X0RW3LL/WhatTheStack
Helper script for identifying bad characters based on (Immunity|edb)'s stack dump
bsauce/kernel-exploit-factory
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
am0nsec/SharpHellsGate
C# Implementation of the Hell's Gate VX Technique
ReClassNET/ReClass.NET
More than a ReClass port to the .NET platform.
a0rtega/pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Kempeter/crow-rust
The crow YouTube channel tutorials written in rust
mandiant/SSSDKCMExtractor
nop-tech/learning-resources
Collection of resources to learn pentesting, exploit development, obfuscation & much more.
nop-tech/OSED
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
rad9800/TamperingSyscalls
outflanknl/Dumpert
LSASS memory dumper using direct system calls and API unhooking.
lfontesm/PEB-Walk
Crypto-Cat/CTF
CTF chall write-ups, files, scripts etc (trying to be more organised LOL)
S3cur3Th1sSh1t/OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
huntandhackett/process-cloning
The Definitive Guide To Process Cloning on Windows
x0reaxeax/SysCook64
Indirect Syscall invocation via thread hijacking
thefLink/RecycledGate
Hellsgate + Halosgate/Tartarosgate. Ensures that all system calls go through ntdll.dll
klezVirus/NimlineWhispers3
A tool for converting SysWhispers3 syscalls for use with Nim projects
eversinc33/BouncyGate
Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
S3cur3Th1sSh1t/NimGetSyscallStub
Get fresh Syscalls from a fresh ntdll.dll copy
xct/windows-kernel-exploits
Some of my windows kernel exploits for learning purposes
Arinerron/heaptrace
helps visualize heap operations for pwn and debugging