fgzhanhao's Stars
MiroKaku/Musa.Veil
Collection of undocumented Windows API declarations.
zer0fl4g/Nanomite
Graphical Debugger for x64 and x86 on Windows
BadPlayer555/KernelGDIDraw
The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.
LordNoteworthy/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
AzureGreen/ArkProtect
An Ark tool project,run on Win7 x86/x64
cloudwindby/MyArkTools
32位Windows内核小工具
ilovecsad/Ark
capstone-engine/capstone
Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
DragonQuestHero/Kernel-Anit-Anit-Debug-Plugins
Kernel Anit Anit Debug Plugins 内核反反调试插件
LGCooci/KCObjc4_debug
🌈可编译苹果官方源码objc!现在有objc4底层源码,以及libmalloc等可编译版本,大家可以自由LLDB调试!
llvm/llvm-project
The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
dibingfa/flash-linux0.11-talk
你管这破玩意叫操作系统源码 — 像小说一样品读 Linux 0.11 核心代码
horsicq/xntsv
XNTSV program for detailed viewing of system structures for Windows.
CodingGay/BlackObfuscator
Black Obfuscator is an obfuscator for Android APK DexFile, it can help developer to protect source code by control flow flattening, and make it difficult to analyze the actual program control flow.
CodingGay/BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.
cheat-engine/cheat-engine
Cheat Engine. A development environment focused on modding
sandboxie-plus/Sandboxie
Sandboxie Plus & Classic
PKRoma/ProcessHacker
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware—mirror of https://github.com/processhacker2/processhacker.git
abcz316/rwProcMem33
Linux ARM64内核硬件进程内存读写驱动、硬件断点调试驱动。硬件级读写Linux进程内存、硬件级下断点。
ionescu007/SimpleVisor
SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.
intel/haxm
Intel® Hardware Accelerated Execution Manager (Intel® HAXM)
airbus-seclab/qemu_blog
A series of posts about QEMU internals:
asamy/ksm
A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
ia32-doc/ia32-doc
IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
9176324/Daat
a simple intel vt code both support x86 & x64. PatchGuard monitor.
kouzhudong/libdrv
Static Library For Windows Drivers
npbool/vmxice
Kernel debugger using Intel VT-x. Designed to be compatible with linux, ucore, windows.
ExpLife0011/awesome-windows-kernel-security-development
windows kernel security development
1401199262/Protect_Process
ZhanLang/msddk
windows driver develop kit with c++ mail:maguojun123@126.com