yusufqk

yusufqk's Stars

• reactos/reactos

  A free Windows-compatible Operating System

  Language:C15k35601.8k

• corkami/pics

  File formats dissections and more...

  Language:Assembly10.6k36515747

• SinaKarvandi/Hypervisor-From-Scratch

  Source code of a multiple series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials

  Language:C2.3k5520310

• Idov31/Nidhogg

  Nidhogg is an all-in-one simple to use windows kernel rootkit.

  Language:C++1.9k3616278

• Wenzel/awesome-virtualization

  Collection of resources about Virtualization

  1.8k899292

• wavestone-cdt/EDRSandblast

  Language:C1.6k3816284

• boku7/BokuLoader

  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

  Language:C1.3k2612244

• vxunderground/VXUG-Papers

  Research code & papers from members of vx-underground.

  Language:C1.2k790235

• outflanknl/C2-Tool-Collection

  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

  Language:C1.2k192199

• ScarredMonk/SysmonSimulator

  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.

  Language:C8372012109

• hasherezade/demos

  Demos of various injection techniques found in malware

  Language:C790552183

• Cr4sh/s6_pcie_microblaze

  PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

  Language:C757490157

• jstrosch/learning-reverse-engineering

  This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.

  Language:C53624184

• Cracked5pider/KaynLdr

  KaynLdr is a Reflective Loader written in C/ASM

  Language:C527131106

• Cr4sh/KernelForge

  A library to develop kernel level Windows payloads for post HVCI era

  Language:C++38013073

• hasherezade/process_overwriting

  Yet another variant of Process Hollowing

  Language:C++35612477

• Cerbersec/Ares

  Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique

  Language:C32915254

• paranoidninja/Process-Instrumentation-Syscall-Hook

  A simple program to hook the current process to identify the manual syscall executions on windows

  Language:C2509046

• FSecureLABS/Ninjasploit

  A meterpreter extension for applying hooks to avoid windows defender memory scans

  Language:C24112240

• Mr-Un1k0d3r/WindowsDllsExport

  A list of all the DLLs export in C:\windows\system32\

  Language:C2127034

• Yaxser/COFFLoader2

  Load and execute COFF files and Cobalt Strike BOFs in-memory

  Language:C2065044

• Signal-Labs/IOCTLDump

  Language:C++1398337

• NtQuerySystemInformation/NlsCodeInjectionThroughRegistry

  Dll injection through code page id modification in registry. Based on jonas lykk research

  Language:C++1205226

• MalwareTech/Log4jTools

  Tools for investigating Log4j CVE-2021-44228

  Language:Python957312

• hasherezade/mal_unpack_drv

  MalUnpack companion driver

  Language:C++937017

• cdong1012/IDAPython-Malware-Scripts

  Language:Python686015

• guitmz/midrashim

  PT_NOTE to PT_LOAD x64 ELF infector written in Assembly

  Language:Assembly41206

• evilbuffer/Osiris-Sourcecode

  Alleged source code leak of Osiris banking trojan

  Language:C372116

• eurecom-s3/loaders_modeling

  Language:Python241334

• BeyondBinary/CVE-2018-19320

  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)

  Language:C++8203