Pinned Repositories
access
Access without a real handle
adfilter
This is ad-filtering software using DNS, based on tdifw
ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
AllTools
All reasonably stable tools
antispy
AntiSpy is a free but powerful anti-virus and anti-rootkit toolkit. Running with the highest privileges, it can detect, analyze and restore various kernel modifications and hooks. With its assistance, you can easily spot and neutralize malware hidden from normal detectors.
AppContainerSandbox
An example sandbox using AppContainer (Windows 8+)
APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
arkime
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Avanguard
Fork of HoShiMin's Avanguard
vs-obfuscation
String hiding, API hiding
kycgni's Repositories
kycgni/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
kycgni/APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
kycgni/CTFTools
Personal CTF Toolkit
kycgni/Ekko
Sleep Obfuscation
kycgni/ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
kycgni/flare-ida
IDA Pro utilities from FLARE team
kycgni/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
kycgni/isa-l
Intelligent Storage Acceleration Library
kycgni/liblnk
Library and tools to access the Windows Shortcut File (LNK) format
kycgni/libvshadow
Library and tools to access the Volume Shadow Snapshot (VSS) format
kycgni/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
kycgni/microsoft-pdb
Information from Microsoft about the PDB format. We'll try to keep this up to date. Just trying to help the CLANG/LLVM community get onto Windows.
kycgni/MINT
Contains the definitions for the Windows Internal UserMode API from ntdll.dll, samlib.dll and winsta.dll.
kycgni/nanodump
A crappy LSASS dumper with no ASCII art
kycgni/NativePayload_DCP
Compiling C# in memory and executing it to bypass AVs
kycgni/PacketSender
Network utility for sending / receiving TCP, UDP, SSL, HTTP
kycgni/pcileech
Direct Memory Access (DMA) Attack Software
kycgni/process_doppelganging
My implementation of enSilo's Process Doppelganging (PE injection technique)
kycgni/proxygen
A collection of C++ HTTP libraries including an easy to use HTTP server.
kycgni/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
kycgni/ShellcodeLoader-1
This project is a shellcode loader; it describes in detail how we bypass antivirus software and how to use the tool.
kycgni/SneakCalls
Direct syscalls with a modern C++20 interface.
kycgni/syserdebugger
kycgni/TrafficMonitor
A desktop floating-window program that displays the current network speed and CPU and memory utilization; it also supports display in the taskbar and changing skins.
kycgni/VirtualKD-Redux
VirtualKD-Redux - A revival and modernization of VirtualKD
kycgni/VMProtect-Source
Source of VMProtect (NOT OFFICIAL)
kycgni/VX-API-1
Collection of various malicious functionality to aid in malware development
kycgni/WinArk
Windows Anti-Rootkit Tool
kycgni/xVMP
kycgni/xxHash
Extremely fast non-cryptographic hash algorithm