ufrisk's Stars
pardeike/Harmony
A library for patching, replacing and decorating .NET and Mono methods during runtime
skelsec/pypykatz
Mimikatz implementation in pure Python
everdox/InfinityHook
Hook system calls, context switches, page faults and more.
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Mattiwatti/EfiGuard
Disable PatchGuard and Driver Signature Enforcement at boot time
VitorVilela7/wide-snes
Super Mario World (SNES) Widescreen Project
silverf0x/RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
asamy/ksm
A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Built-in userspace sandbox and introspection engine.
slack2450/csgo-dma-overlay
A basic CS:GO ESP utilising DMA and HDMI-Overlay
HyperSine/Windows10-CustomKernelSigners
Load self-signed drivers without TestSigning or disabling DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners
evild3ad/MemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
Voulnet/barq
barq: The AWS Cloud Post Exploitation framework!
realoriginal/bootlicker
A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
willglynn/pdb
A parser for Microsoft PDB (Program Database) debugging information
h33p/vmread
A library to read/write memory to Windows on KVM
evild3ad/Collect-MemoryDump
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
ekknod/pcileech-wifi
pcileech-fpga with wireless card emulation
mame82/UnifyingVulnsDisclosureRepo
Formerly private repository for discussion, knowledge- and code-sharing around new Unifying vulns, as announced on Twitter
gerhart01/LiveCloudKd
Hyper-V Research is trendy now
chip-red-pill/crbus_scripts
IPC scripts for access to Intel CRBUS
MaaSTaaR/SSFS
Simple & Stupid Filesystem (Using FUSE)
LuckyPi/PushPin
visma-prodsec/columbo
Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.
tandasat/HelloIommuPkg
The sample DXE runtime driver demonstrating how to program DMA remapping.
NetTLP/libtlp
A library for PCIe Transaction Layer
ufrisk/MemProcFS-plugins
google/go-pcie-tlp
Builds and parses PCIe Transport Layer Packets (TLPs)
google/go-pcie-screamer
Provides io.ReadWriter interface for a PCIe screamer device
skelsec/aiowinreg
Registry hive parsing the async way
ufrisk/pdbcrust
C library wrapper around the Rust pdb crate