Pinned Repositories
Arbitrary-Physical-Memory-RW
boiii
☄️ Reverse engineering and analysis of Call of Duty: Black Ops III
DoubleCallBack
eft-1
EPT-HOOK
Hidden hooks that bypass PG
EtwHookDbg
Rebuilding the debug channel
GpuDecryptShellcode
XOR decrypting shellcode using the GPU with OpenCL.
KMAC
Some useful info when reverse engineering Kernel Mode Anti-Cheat
xx_tvm
YSignatureCode
Signature search engine
wbaby's Repositories
wbaby/acdrv
base for testing
wbaby/APT_Step_Bear_Inject
Reproduction of "EDR's Nightmare: Storm-0978 Uses the New Kernel Injection Technique 'Step Bear'"
wbaby/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN
CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)
wbaby/DebugViewPP
DebugView++, collects, views, filters your application logs, and highlights information that is important to you!
wbaby/emulator
🪅 Windows User Space Emulator
wbaby/FakeHdcImage
wbaby/HP-Socket
High Performance TCP/UDP/HTTP Communication Component
wbaby/hvdetecc
Collection of hypervisor detections
wbaby/HyperDbg
HyperDbg debugger is an open-source, user mode and kernel mode Windows debugger with a focus on using hardware technologies.
wbaby/IDA-Pro-SigMaker
Signature maker plugin for IDA 8.x
wbaby/KernelCallbackTable-Injection-PoC
Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijack execution flow
wbaby/KexecDDPlus
Exploiting the KsecDD Windows driver through Server Silos
wbaby/lsassdump
lsassdump via RtlCreateProcessReflection and NanoDump
wbaby/LsassReflectDumping
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callbacks to generate a memory dump of the cloned process
wbaby/Mergen
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
wbaby/mtprotoproxy
Async MTProto proxy for Telegram
wbaby/mtproxy
MTProxyTLS one-click install portable script
wbaby/mu_msvm
VM firmware pkg for Project Mu
wbaby/Office-Tool
Office Tool Plus localization projects.
wbaby/OmniParser
A simple screen parsing tool towards pure vision based GUI agent
wbaby/Polaris-Obfuscator
Polaris: An LLVM-based obfuscator that protects software at various levels
wbaby/roundcubemail
The Roundcube Webmail suite
wbaby/telemirror
Telegram message forwarder (client API)
wbaby/tpm_sniffing_pin
wbaby/vmp2-devirtualization
vmp2.x virtualization
wbaby/WebZjs
A fully-featured javascript/typescript library for interacting with the Zcash network from the browser
wbaby/wechat-dump-rs
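This tool exports the key of a running WeChat process and automatically decrypts all WeChat database files; it also supports offline decryption of database files after the key has been exported.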
wbaby/windows
Windows inside a Docker container.
wbaby/yt-dlp
A feature-rich command-line audio/video downloader
wbaby/zcash-offical
Zcash - Internet Money