Pinned Repositories
gitignore
A collection of useful .gitignore templates
HackTechLearning
Needed to do attack-and-defense work, so I bought a book to learn the common techniques and typed out the examples
InfinityHook
Hook system calls, context switches, page faults and more.
mstscdump
MSTSC Packet Dump Utility
OllyDbg1plugins
pe_to_shellcode
Converts PE into a shellcode
PoC
QR-Code-Generator-and-Authentication-using-HMAC-HOTP-and-TOTP-
Two-factor authentication and HMACs. Applications to both generate and validate one-time passwords that are compatible with Google Authenticator
TeamTalk
TeamTalk is a solution for enterprise IM
Vmp2.xDemo-Antiobfucated
vmp 2.x research
yangfan6888's Repositories
yangfan6888/100-gdb-tips
A collection of gdb tips. 100 may just mean "many" here.
yangfan6888/AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
yangfan6888/Amaterasu
Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Process Explorer driver to kill a process's handles from kernel mode.
yangfan6888/Ark
yangfan6888/AtomicSyscall
Tools and PoCs for Windows syscall investigation.
yangfan6888/AtomPePacker
A highly capable PE packer
yangfan6888/awesome-executable-packing
A curated list of awesome resources related to executable packing
yangfan6888/CallStackSpoofer
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
yangfan6888/CPlusPlusThings
All about C++
yangfan6888/dumpulator
An easy-to-use library for emulating code in minidump files.
yangfan6888/FOKS-TROT
It's a minifilter used for transparent encryption.
yangfan6888/FridaScripts
Some Frida scripts
yangfan6888/iMonitor
iMonitor (冰镜, an endpoint behavior analysis system)
yangfan6888/IOCTLDump
yangfan6888/ja-netfilter
A javaagent framework
yangfan6888/kdmapper
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
yangfan6888/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
yangfan6888/MemoryModule-1
A tool to parse and load a module in memory, as well as attach a DLL to an EXE. Most of the functions are inline, so that it can also be used in shellcode.
yangfan6888/N_m3u8DL-CLI
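[.NET] m3u8 downloader. An open-source command-line m3u8/HLS/dash downloader that supports standard AES-128-CBC decryption, multithreading, custom request headers, and more. Supports Simplified Chinese, Traditional Chinese, and English.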
yangfan6888/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
yangfan6888/nopowershell
nopowershell
yangfan6888/NtTools
Some random system tools for Windows
yangfan6888/openrasp
🔥Open source RASP solution
yangfan6888/Or0packBase
The C++ packer from the book 《黑客免杀攻防》
yangfan6888/pinduoduo_backdoor
Analysis of the privilege-escalation code embedded in the Pinduoduo APK and its dynamically delivered dex files
yangfan6888/rdpconsole
yangfan6888/StackWalker
Walking the callstack in windows applications
yangfan6888/VMProtect-devirtualization
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
yangfan6888/wechat-hook
yangfan6888/WechatExporter
Wechat Chat History Exporter