w1nds

HouseDun

Pinned Repositories

AheadLib64
x64 dll hijacking tool(like AheadLib)
Language:C++55 6 126
Blackbone
Windows memory hacking library
Language:C++4 2 04
blog_material
Language:Python2 2 00
DisPg
Language:C2 2 00
dll2shellcode
dll转shellcode工具
Language:C100 5 045
EACReversing
Reversing EasyAntiCheat.
Language:C3 2 01
ishellcode
shellcode注入测试工具
Language:C++49 3 013
qq_revoke_patch
QQ防撤回补丁
Language:C++4 4 02
Scylla
Imports Reconstructor
Language:C++4 2 00
Shark
Turn off PatchGuard in real time for win7 (7600) ~ win10 (17763).
Language:C2 2 01

w1nds's Repositories

w1nds/vmprotect-3.5.1
Language:C++1 0 0
w1nds/ACPI_SANDBOX_DETECT
通过ACPI检测沙箱
Language:C++0 0
w1nds/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
w1nds/Amsi-Killer
Lifetime AMSI bypass
Language:C++0 0
w1nds/arp-spoofing-go
基于go语言实现的ARP欺骗工具，支持局域网内主机扫描，ARP投毒、中间人攻击、敏感信息嗅探，HTTP报文嗅探
Language:Go0 0
w1nds/Banshee
Experimental Windows x64 Kernel Rootkit.
w1nds/Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
Language:C0 0
w1nds/DRat
去中心化远程控制工具（Decentralized Remote Administration Tool），通过ENS实现了配置文件分发的去中心化，通过Telegram实现了服务端的去中心化
Language:Go0 0
w1nds/drivers-binaries
Exploitable drivers, you know what I mean
0 0
w1nds/Drv_Hide_And_Camouflage
Language:C0 0
w1nds/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
w1nds/EDRs
Language:C0 0
w1nds/EDRSandblast
Language:C0 0
w1nds/ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
w1nds/GhostDriver
yet another AV killer tool using BYOVD
Language:Rust0 0
w1nds/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
Language:C0 0
w1nds/Ingram
网络摄像头漏洞扫描工具 | Webcam vulnerability scanning tool
Language:Python0 0
w1nds/inline-syscall
Inline syscalls made for MSVC supporting x64 and x86
Language:C++0 0
w1nds/LOLDrivers
Living Off The Land Drivers
Language:YARA0 0
w1nds/minihttp
A minimal 2-file (cpp+h) TCP & HTTP client implementation. Supports GET & simple POST. Optional SSL via PolarSSL/mbedTLS. Cross-platform, uses POSIX or Win32 API. C++03 with STL.
w1nds/Nidhogg
Nidhogg is an all-in-one simple to use rootkit for red teams.
Language:C++0 0
w1nds/ntoskrnl
Windows 常用版本内核文件收集
w1nds/numen
简单安排一下 autochk.sys 这个rootkit
Language:C++0 0
w1nds/perfect-loader
Load a dynamic library from memory by modifying the native Windows loader
Language:C++0 0
w1nds/ReadPhys
r/w virtual memory without attach
Language:C++0 0
w1nds/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
Language:PowerShell0 0
w1nds/TrueSightKiller
CPP AV/EDR Killer
Language:C++0 0
w1nds/VX-API
Collection of various malicious functionality to aid in malware development
Language:C++0 0
w1nds/Windows-10-22H2-Vulnerable-driver-communication
Allocate memory in the kernel & r/w control registers with a vulnerable driver.
Language:C++0 0
w1nds/wow64ext
Another wow64ext to try to be compatible with WOW64 for all architectures.
Language:C++0 0