Pinned Repositories
FuzzingPaper
Recent Fuzzing Paper
gdrv-loader
Kernel driver loader that uses a vulnerable Gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities) to load an unsigned driver
hwid-spoofer
Information_Security_Books
150 books on information security (continuously updated)
khaleesi
Anti-debug library based on al-khaser with ScyllaHide/TitanHide detection.
learn-LDDD
Study notes on 《Linux 设备驱动开发详解》 (Linux Device Driver Development in Depth) by 宋宝华
Lycosidae
Modern x64 anti-debug library
RedTeamer
Red team operator field manual
snifferview-1
snifferview: a compact yet powerful network packet sniffing and analysis tool
WorldReverse
Game Source Code Reproduction
fengjixuchui's Repositories
fengjixuchui/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
fengjixuchui/AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
fengjixuchui/Collection
A collection of various rootkits
fengjixuchui/CVE-2024-27460
Plantronics Desktop Hub LPE
fengjixuchui/DrawBridge
Layer 4 Single Packet Authentication Linux kernel module utilizing Netfilter hooks and kernel supported Berkeley Packet Filters (BPF)
fengjixuchui/DumpDriver
fengjixuchui/ELFieScanner
A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.
fengjixuchui/Elkeid
Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
fengjixuchui/hvICE
Hypervisor-enforced patch protection for the Linux kernel using Xen + LibVMI; includes a LibVMI KASLR offset spoofer
fengjixuchui/IDA_Easy_Life
Commonly used IDA scripts, collected and self-written, mostly for deobfuscation
fengjixuchui/KoviD
LKM Rootkit
fengjixuchui/krf
A kernelspace syscall interceptor and randomized faulter
fengjixuchui/linux-kernel-module-cheat
The perfect emulation setup to study and develop the Linux kernel v5.4.3, kernel modules, QEMU, gem5 and x86_64, ARMv7 and ARMv8 userland and baremetal assembly, ANSI C, C++ and POSIX. GDB step debugging and KGDB just work. Powered by Buildroot and crosstool-NG. Highly automated. Thoroughly documented. Automated tests. "Tested" on an Ubuntu 19.10 host.
fengjixuchui/makfn
have fun pasting this shit src made by leproxy pasted from naze
fengjixuchui/MilvusVisor
A thin-hypervisor that runs on aarch64 CPUs.
fengjixuchui/ReadApex
fengjixuchui/ReadPhysicalMemory-Without-API
This project can bypass most anti-cheat (AC) systems, except for a few that enable VT to monitor page tables
fengjixuchui/reveng_rtkit
Linux Loadable Kernel Module (LKM) based rootkit capable of hiding itself and processes/implants; rmmod-proof and able to bypass the rkhunter anti-rootkit tool.
fengjixuchui/rootkit
Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
fengjixuchui/Rust-for-Malware-Development
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
fengjixuchui/self_hooking_system
fengjixuchui/syscalls-table
Simple tool to generate HTML table of Linux system calls on different architectures
fengjixuchui/sysdig
Linux system exploration and troubleshooting tool with first class support for containers
fengjixuchui/TInjector
Hijacks Zygote to inject a .so library before the app starts
fengjixuchui/TrollDump
fengjixuchui/weetabix
A C++ PoC implementation for enumerating Windows Fibers directly from memory
fengjixuchui/WinArk
Windows Anti-Rootkit Tool
fengjixuchui/windbg-uefi
This article shares development notes on an experimental project: a WinDbg debugging engine running on UEFI, implemented over a COM named pipe or the Windows Hyper-V VMBus channel
fengjixuchui/windows-driver-docs-ddi
The official Windows Driver Kit DDI reference documentation sources
fengjixuchui/yyjson
The fastest JSON library in C