Pinned Repositories
4RTools
Autopot, Skill Spammer, Dancer Macro and more
access
Access without a real handle
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
AntiCheat-Testing-Framework
Framework to test any Anti-Cheat
AntiOS
Python scripts that can change your Windows fingerprints and ID
AutoSpitta-x64
Mouse emulation driver for Windows 10 x64
Gepard
Full Gepard bypass
Zeus
Zeus - Ragnarok Packet Logger / Parser / Recorder
koodpzok's Repositories
koodpzok/ColdHook
A simple open source memory hooking library for Windows x86/x64
koodpzok/devi
Devirtualize Virtual Calls
koodpzok/dll_to_exe
Converts a DLL into EXE
koodpzok/Dumpert
LSASS memory dumper using direct system calls and API unhooking.
koodpzok/Eac-Bypass
koodpzok/evil-mhyprot-cli
A PoC for vulnerable driver "mhyprot" that allows us to read/write memory in kernel/user from usermode.
koodpzok/Full-Kernel-Driver
koodpzok/hwid-magic
Spoof your hdd, ram etc serial number, in case you got hwid ban, lol.
koodpzok/HWID-shifter
Spoofing the Windows 10 HDD/disk drive serial number.
koodpzok/Kernel-Anit-Anit-Debug-Plugins
Kernel Anti-Anti-Debug Plugins
koodpzok/km-um-communication
A somewhat wide collection of various kernelmode-usermode communication methods in one repository (mainly just for learning purposes).
koodpzok/launcher-abuser
Stealthy way to hijack the existing game process handle within the game launcher (currently supports Steam and Battle.net). Achieve external game process read/write with minimum footprint.
koodpzok/libpeconv
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
koodpzok/logitech-cve
10/11/2020
koodpzok/MBE
Course materials for Modern Binary Exploitation by RPISEC
koodpzok/NoCRC
Crappy PoC to show how CRC hash can be easily manipulated, did this just because 1 person in unknown cheats was in denial.
koodpzok/NoEmbeds
Dump embedded binary files in a file
koodpzok/NoVmp
A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
koodpzok/pafish
Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
koodpzok/pclone
pclone is a small project designed to clone running processes.
koodpzok/PerfMon
first commit
koodpzok/pics
Posters, drawings...
koodpzok/Plugins
koodpzok/Process-Dump
Windows tool for dumping malware PE files from memory back to disk for analysis.
koodpzok/Themidie
x64dbg plugin to bypass Themida 3.x Anti-Debugger / VM / Monitoring programs checks (x64)
koodpzok/vmpdump
A dynamic VMP dumper and import fixer, powered by VTIL.
koodpzok/VmwareHardenedLoader
Vmware Hardened VM detection mitigation loader (anti anti-vm)
koodpzok/VTIL-Core
Virtual-machine Translation Intermediate Language
koodpzok/windows-syscalls
Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
koodpzok/winforms-gui-loader
driver interface with dll-injection capabilities