Pinned Repositories
KVM
monomorph
MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
Packer
a Packer demo
PPLKiller
Protected Processes Light Killer
PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
R3kill360
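A demo offered as a starting idea to prompt better ones. With some further modification, this approach can also shut down the entire proactive defense. It is still in use, so it is not demonstrated here.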
REKernel
Reverse kernel logging
SimulationVirtualTable
use C Simulation Virtual Table
SkypeFreak
A Forensic Framework for Skype
ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
qpqpbgbg's Repositories
qpqpbgbg/R3kill360
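A demo offered as a starting idea to prompt better ones. With some further modification, this approach can also shut down the entire proactive defense. It is still in use, so it is not demonstrated here.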
qpqpbgbg/KVM
qpqpbgbg/monomorph
MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
qpqpbgbg/Packer
a Packer demo
qpqpbgbg/PPLKiller
Protected Processes Light Killer
qpqpbgbg/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
qpqpbgbg/REKernel
Reverse kernel logging
qpqpbgbg/SimulationVirtualTable
use C Simulation Virtual Table
qpqpbgbg/SkypeFreak
A Forensic Framework for Skype
qpqpbgbg/ThreadStackSpoofer
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
qpqpbgbg/Intel_Bios_soruce
The BIOS Code from project C970
qpqpbgbg/WFH
qpqpbgbg/XpAPIMonitor
API Monitoring tools for XP