Pinned Repositories
CPU-X
CPU-X is free software that gathers information on the CPU, motherboard and more.
DLLHijackingScanner
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
Micro-Capstone-Engine-API-Documentation
This is an unofficial Capstone Disassembly Engine API document by kabeor
PlugIn
Plugin
Reverse-Engineering-Tutorial
A comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
SppExtComObjHook
vmware-backdoor
vmware-backdoor
WinAPI-Tricks
windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
jilvan1234's Repositories
jilvan1234/1337Visor
Type 2 hypervisor for security research, backed by AMD-V hardware-assisted virtualization
jilvan1234/AetherVisor
Memory hacking library powered by AMD SVM
jilvan1234/Amsi-Killer
Lifetime AMSI bypass
jilvan1234/Anti-Rootkit
jilvan1234/awesome-ida-x64-olly-plugin
A curated list of IDA, x64DBG, Ghidra and OllyDBG plugins.
jilvan1234/CVE-2022-21894
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
jilvan1234/CVE-2022-3699
Lenovo Diagnostics Driver EoP - Arbitrary R/W
jilvan1234/CVE-2022-42046
CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM
jilvan1234/dissect.cobaltstrike
Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
jilvan1234/DumpThatLSASS
Dumps LSASS by unhooking MiniDumpWriteDump using a fresh copy of DbgHelp.dll loaded from disk, with function and string obfuscation. It contains an anti-sandbox check; if you run it under a low-performance virtual machine you need to uncomment the code related to it and recompile.
jilvan1234/FilelessRemotePE
Loads a fileless remote PE from a URI into memory, with argument passing, ETW patching, NTDLL unhooking and the No New Thread technique
jilvan1234/health-code-index
Health code simulation - index
jilvan1234/Injector
Cheat injector for kernel + EFI level
jilvan1234/Intel-Alder-Lake-BIOS
The BIOS Code from project C970
jilvan1234/malware-samples
Contains deobfuscated and otherwise interesting malware samples.
jilvan1234/MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
jilvan1234/Nidhogg
Nidhogg is an all-in-one, simple-to-use rootkit for red teams.
jilvan1234/openedr
Open EDR public repository
jilvan1234/oxorany
Obfuscates any constant with compile-time encryption, on any platform
jilvan1234/pinduoduo_backdoor
Analysis of the privilege-escalation code embedded in the Pinduoduo APK and of the dynamically delivered dex files
jilvan1234/qiapiao
QQSpeed Fast Drift / QQspeed
jilvan1234/qqspeed-3
Client source code, no server
jilvan1234/sehcall
Using SEH in a manually mapped DLL or manually mapped driver (.sys) on Windows x64
jilvan1234/SilentMoonwalk
PoC Implementation of a TRUE call stack spoofer
jilvan1234/TerraLdr
A Payload Loader Designed With Advanced Evasion Features
jilvan1234/vidar_config
Extracts Vidar config from Command & Control servers for specific botnets
jilvan1234/video-virtual-memory-materials
Code and materials accompanying the video series "On Writing an x64 Windows 10 Driver to Understand Virtual Memory"
jilvan1234/WFPExplorer
Windows Filtering Platform Explorer
jilvan1234/Windows_RootKit
A Windows kernel-mode rootkit with remote control
jilvan1234/x64-Page-Walker
Walks through the 4-level paging structures in Windows x64