Pinned Repositories
adbi
Android Dynamic Binary Instrumentation Toolkit
And64InlineHook
Lightweight ARMv8-A (ARM64, AArch64, Little-Endian) Inline Hook Library for Android C/C++
AndroidInjection
This project contains several exercises about injection using ptrace on Android platform
awesome-windbg-extensions
awesome windbg extensions
KernelExploit
Windows kernel exploit (attack program)
KernelExploitDriver
Windows kernel exploit (driver)
mfd
File system minifilter driver (educational code)
pcmonitor
pcmonitor - Windows kernel driver to monitor user activity (such as keyboard input and screenshots) and send encrypted reports to mobile applications in real time through an intermediate web server
pysc2-examples
StarCraft II - pysc2 Deep Reinforcement Learning Examples
SimpleVisor
SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.
ethobis's Repositories
ethobis/mfd
File system minifilter driver (educational code)
ethobis/pysc2-examples
StarCraft II - pysc2 Deep Reinforcement Learning Examples
ethobis/awesome-windbg-extensions
awesome windbg extensions
ethobis/awesome-windows-kernel-security-development
ethobis/awesome-windows-security
List of Awesome Windows Security Resources
ethobis/ByePg
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
ethobis/CobaltStrike4.0
Collected CobaltStrike4.0
ethobis/COM-Code-Helper
Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
ethobis/CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
ethobis/CVE-2021-28476
PoC for CVE-2021-28476, a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.
ethobis/CVE-2022-21882
ethobis/ebpf-for-windows
eBPF implementation that runs on top of Windows
ethobis/EDRs
ethobis/ethobis.github.io
ethobis blog
ethobis/InfinityHook
Hook system calls, context switches, page faults and more.
ethobis/injectAllTheThings
Seven different DLL injection techniques in one single project.
ethobis/inline-hook
simple inline-hook framework works for x86, x64, arm and thumb
ethobis/LogonCredentialsSteal
LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.
ethobis/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
ethobis/mfdext
File system minifilter driver debugger extension
ethobis/nginx-admins-handbook
How to improve NGINX performance, security, and other important things; @ssllabs A+ 100%, @mozilla A+ 120/100.
ethobis/PowerShell-Suite
My musings with PowerShell
ethobis/PythonForWindows
A codebase aimed to make interaction with Windows and native execution easier
ethobis/Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
ethobis/SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
ethobis/sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
ethobis/UACME
Defeating Windows User Account Control
ethobis/UsoDllLoader
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
ethobis/web-001
ethobis/web-programming-1