elmelik's Stars
wongfei/dwm_overlay
PoC: DX11 overlay over DWM
LordMike/NtfsLib
NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.
libyal/libfsntfs
Library and tools to access the Windows New Technology File System (NTFS)
orkblutt/NTFS-Parser-Lib
From https://www.codeproject.com/Articles/81456/An-NTFS-Parser-Lib by cyb70289
Cr4sh/s6_pcie_microblaze
PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home to Hyper-V Backdoor and Boot Backdoor; check the readme for links and info.
prash-wghats/Dtrace-ETW
DTrace for Windows in userspace; Frontend to ETW
FinanceData/OpenDartReader
Open DART Reader
SamuelTulach/efi-memory
PoC EFI runtime driver for memory r/w & kdmapper fork
can1357/NoVmp
A static devirtualizer for VMProtect x64 3.x, powered by VTIL.
baohaojun/system-config
My customizations of Posix systems (Linux/Cygwin/Darwin/FreeBSD).
angr/angr
A powerful and user-friendly binary analysis platform!
TheCruZ/EFI_Driver_Access
Efi Driver Access is a simple project to load a driver during system boot, with the idea of giving the user kernel access to read/write memory without restrictions
vtil-project/VTIL-Core
Virtual-machine Translation Intermediate Language
stonedreamforest/Mirage
Kernel-mode Anti-Anti-Debug plugin, based on Intel VT-x and EPT technology
KelvinMsft/kHypervisor
kHypervisor is a lightweight bluepill-like nested VMM for Windows; it provides and emulates a basic function of Intel VT-x
ionescu007/tpmtool
The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, with zero dependencies on any TPM2.0 stack. It provides the ability to enumerate, create, delete, query, and lock NV indices, as well as to read and write data stored in them.
SinaKarvandi/Hypervisor-From-Scratch
Source code of a multi-part series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials
Schnocker/EAC_dbp
EAC Bypass
tandasat/SimpleSvmHook
SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
Gbps/gbhv
Simple x86-64 VT-x Hypervisor with EPT Hooking
vmcall/KernelGDIDraw
The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.
BadPlayer555/KernelGDIDraw
The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.
tandasat/MemoryMon
Detecting execution of kernel memory that is not backed by any image file
thesecretclub/window_hijack
Rendering on external windows via hijacking thread contexts
bruce30262/TWindbg
PEDA-like debugger UI for WinDbg
btbd/access
Access without a real handle
weidai11/cryptopp
free C++ class library of cryptographic schemes
qilingframework/qiling
A True Instrumentable Binary Emulation Framework
blaquee/SlothEmu
unicorn emulator for x64dbg
mandiant/flare-emu