Pinned Repositories
Arbitrary-Physical-Memory-RW
boiii
☄️ Reverse engineering and analysis of Call of Duty: Black Ops III
DoubleCallBack
eft-1
EPT-HOOK
Hidden hooks that bypass PG
EtwHookDbg
Rebuilding the debugging channel
GpuDecryptShellcode
XOR decrypting shellcode using the GPU with OpenCL.
KMAC
Some useful info when reverse engineering Kernel Mode Anti-Cheat
xx_tvm
YSignatureCode
Signature search engine
wbaby's Repositories
wbaby/pdbtoheader
pdb's function and global vars to offset
wbaby/anylink-client
AnyLink Secure Client: An SSL VPN client that supports OpenConnect or Cisco's AnyConnect VPN Protocol.
wbaby/bindiff
Quickly find differences and similarities in disassembled code
wbaby/BLAKE3
the official Rust and C implementations of the BLAKE3 cryptographic hash function
wbaby/CVE-2024-30088-Windows-poc
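The vulnerability exists in the NtQueryInformationToken function, specifically in the handling of the AuthzBasepCopyoutInternalSecurityAttributes function. It stems from the kernel's improper management of the locking mechanism when operating on objects, a flaw that may allow a malicious entity to unexpectedly elevate privileges.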
wbaby/DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
wbaby/DictionaryByGPT4
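A vocabulary book generated by GPT4 📚, with analysis of more than 8000 words, covering meanings, example sentences, roots and affixes, inflections, cultural background, memory tips and short stories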
wbaby/DirectStorage
DirectStorage for Windows is an API that allows game developers to unlock the full potential of high speed NVMe drives for loading game assets.
wbaby/dns2tcp
A utility that converts DNS queries from UDP to TCP
wbaby/EasyPdb
A very simple C library for downloading a PDB and getting the RVA of a function or global variable and the offset of a struct member.
wbaby/edk2
EDK II
wbaby/hashplate-cn
PRNG readable hash in the style of China license plates
wbaby/hypervisor-rs
Rusty Hypervisor - Windows Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
wbaby/illusion-rs
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
wbaby/jsoncpp
A C++ library for interacting with JSON.
wbaby/kdmp-parser
Windows kernel dump C++ parser
wbaby/openrecall
OpenRecall is a fully open-source, privacy-first alternative to proprietary solutions like Microsoft's Windows Recall. With OpenRecall, you can easily access your digital history, enhancing your memory and productivity without compromising your privacy.
wbaby/pdb-ripper
Extend dia2dump utility to generate cpp code from pdb
wbaby/PDBRipper
PDBRipper is a utility for extracting information from PDB files.
wbaby/processhacker
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
wbaby/ProcMonXv2
Process Monitor X v2
wbaby/raw_pdb
A C++11 library for reading Microsoft Program DataBase PDB files
wbaby/RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
wbaby/RemoteSessionEnum
Remotely Enumerate sessions using undocumented Windows Station APIs
wbaby/RmTools
Blue team incident response tools
wbaby/uft
This repo was created to manage issues and access the Unreal Finder Tool user interface.
wbaby/Unreal-Finder-Tool
Useful tool to help you fetch and dump Unreal Engine 4 Games information.
wbaby/VirtualKD-Redux
VirtualKD-Redux - A revival and modernization of VirtualKD
wbaby/Voyager
Voyager - A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)
wbaby/VulnerablePatchGuardExploit
A Vulnerable PatchGuard Exploit that can be used to disable PatchGuard at runtime.