lw8192

lw8192's Stars

• LeCoupa/awesome-cheatsheets

  👩‍💻👨‍💻 Awesome cheatsheets for popular programming languages, frameworks and development tools. They include everything you should know in one single file.

  Language:JavaScript41.1k738916.3k

• everdox/InfinityHook

  Hook system calls, context switches, page faults and more.

  Language:C++2.4k9521499

• TheCruZ/kdmapper

  KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

  Language:C++2.1k40119514

• jthuraisamy/SysWhispers

  AV/EDR evasion via direct system calls.

  Language:Assembly1.8k598265

• yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References

  List of Awesome Advanced Windows Exploitation References

  1.5k672335

• LordNoteworthy/cpu-internals

  Intel / AMD CPU Internals

  Language:C1.1k471183

• mgeeky/ShellcodeFluctuation

  An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

  Language:C++963193158

• XaFF-XaFF/Cronos-Rootkit

  Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

  Language:C++8682415183

• microsoft/WinDbg-Samples

  Sample extensions, scripts, and API uses for WinDbg.

  Language:C++7345938121

• mactec0/Kernelmode-manual-mapping-through-IAT

  Manual mapping without creating any threads, with rw only access

  Language:C++7131517126

• hasherezade/transacted_hollowing

  Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging

  Language:C52220477

• Maldev-Academy/HellHall

  Performing Indirect Clean Syscalls

  Language:C5019167

• thefLink/RecycledGate

  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll

  Language:C45212054

• foobarto/redteam-notebook

  Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.

  430120127

• alexvogt91/Kernel-dll-injector

  Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module

  Language:C41415266

• zodiacon/Win10SysProgBookSamples

  Windows 10 System Programming book samples

  Language:C++4142013110

• adrianyy/kernelhook

  Windows inline hooking tool.

  Language:C2385165

• ionescu007/HookingNirvana

  Recon 2015 Presentation from Alex Ionescu

  Language:C23418159

• MrTuxx/OffensiveGolang

  A collection of offensive Go packages inspired by different Go repositories.

  Language:Go2314130

• not-wlan/drvmap

  driver mapper / capcom wrapper

  Language:C++21615384

• Mr-Un1k0d3r/DLLsForHackers

  Dll that can be used for side loading and other attack vector.

  Language:Python2018134

• LordNoteworthy/windows-exploitation

  My notes while studying Windows exploitation

  Language:C++18413135

• nmgwddj/learn-windows-drivers

  Windows drivers 开发的各个基础示例，包含进程、内存、注册表、回调等管理

  Language:C++16313378

• not-matthias/kernel-driver-with-rust

  The source code for my blog post 'Writing a kernel driver with Rust.'

  Language:Rust1317110

• minglinchen/WinKernelDev

  Language:C1266156

• kkent030315/anymapper

  x64 Windows kernel driver mapper, inject unsigned driver using anycall

  Language:C++1245233

• i32-Sudo/64KernelDriverCleaner

  A Kernel Driver that can be used for a cheat or malware base to circumvent common cache & structure table checks. PsLoadedModuleList however requires a PG Bypass on (Some) Machines > 22H2 Win10, Not Win 11

  Language:C++893012

• benoitsevens/applying-ttd-to-malware-analysis

  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019

  Language:JavaScript39408

• Kennyslaboratory/OSCP-Cheatsheet

  The best checklists for keeping you on track when attempting the OSCP exam.

  364013

• zxgio/gdb-cheatsheet

  GDB cheatsheet for reversing binaries

  Language:TeX21225