zfdyq0

zfdyq0's Stars

• ExpLife0011/awesome-windows-kernel-security-development

  windows kernel security development

  2k1332538

• ReClassNET/ReClass.NET

  More than a ReClass port to the .NET platform.

  Language:C#1.9k58167374

• Cybellum/DoubleAgent

  Zero-Day Code Injection and Persistence Technique

  Language:C1.2k10613414

• ClownQq/YDArk

  X64内核小工具

  1.2k3030215

• 9176324/Shark

  Turn off PatchGuard in real time for win7 (7600) ~ later

  Language:C9914846303

• Mattiwatti/PPLKiller

  Protected Processes Light Killer

  Language:C++8993421142

• can1357/ThePerfectInjector

  Literally, the perfect injector.

  Language:C894328195

• hfiref0x/DSEFix

  Windows x64 Driver Signature Enforcement Overrider

  Language:C7294413250

• adrianyy/rw_socket_driver

  Driver that uses network sockets to communicate with client and read/ write protected process memory.

  Language:C474164146

• danielkrupinski/MemJect

  Simple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.

  Language:C465202589

• antiwar3/py

  飘云ark（pyark）

  Language:C447203668

• can1357/CVE-2018-8897

  Arbitrary code execution with kernel privileges using CVE-2018-8897.

  Language:C++412169100

• ln93/kosmos_chs_tutorial

  A Chinese version tutorial about installing kosmos

  400181251

• 0xcpu/ExecutiveCallbackObjects

  Research on Windows Kernel Executive Callback Objects

  Language:C28120265

• M-r-J-o-h-n/SWH-Injector

  An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.

  Language:C++2406361

• 0vercl0k/kdmp-parser

  A Windows kernel dump C++ parser library with Python 3 bindings.

  Language:C++194161329

• Schnocker/HLeaker

  An usermode alternative for DuplicateHandle.

  Language:C#17615266

• notscimmy/pplib

  Elevate a process to be a protected process

  Language:C++1447442

• vmcall/x64-vm

  x86-64 virtual machine and disassembler

  Language:C++1288130

• zzhouhe/PG1903

  Language:C1104065

• ContionMig/LSASS-Usermode-Bypass

  This bypass is for anti cheats like battleye and EAC. All this does is abuse lsass's handles and use them for yourself. This is quite useful as this is usermode which doesnt require you to find a way to load a driver

  Language:C++1046123

• zhuhuibeishadiao/PatchGuardResearch

  win10 pgContext dynamic dump (btc version)

  Language:C++1046136

• yardenshafir/SymlinkCallback

  A driver that hooks C: volume using symbolic link callback to track all FS access to the volume

  Language:C++1039037

• zouxianyu/PhysicalMemoryRW

  the basic version of the ring0 physical memory read/write tool

  Language:C898143

• fengjixuchui/SharedMemory-By-Frankoo

  Kernel driver that uses Shared memory to communicate with UserMode

  Language:C844040

• vasco2016/shellsploit-framework

  New Generation Exploit Development Kit

  Language:Python646026

• notscimmy/libinject

  Currently supports injecting signed/unsigned DLLs in 64-bit processes

  Language:C++595118

• matias-kovero/tarkov

  A npm library for the Escape from Tarkov API

  Language:TypeScript5852415

• M-r-J-o-h-n/Driver-Manual-Mapper

  Language:C435222

• M-r-J-o-h-n/LSASS-injector

  LSASS INJECTOR

  Language:C++342120