zhuhuibeishadiao

一入逆向深似海,从此孤单一个人。

WenZhouChina

Pinned Repositories

exploit-RemoteDesktopServerDriver
exploit termdd.sys(support kb4499175)
Language:C59 3 225
JunkDriveOpenSource
Some garbage drivers written for getting started
Language:C++62 5 042
MiniVTx64
Intel Virtualization Technology demo
Language:C62 3 045
NewHideDriverEx
Hide Driver By MiProcessLoaderEntry
Language:C275 17 6144
ntoskrnl
The Windows Research Kernel (WRK)
Language:C162 4 0246
ObRegisterCallBacksByPass
old bypass
Language:C32 4 022
PatchGuardResearch
win10 pgContext dynamic dump (btc version)
Language:C++98 6 134
PathModification
Process path modification x64
Language:C51 2 136
PFHook
Page fault hook use ept (Intel Virtualization Technology)
Language:C170 7 085
WskHttp
Windows kernel drivers simple HTTP library for modern C++
Language:C++357

zhuhuibeishadiao's Repositories

zhuhuibeishadiao/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
Language:C++3 0 0
zhuhuibeishadiao/StackVMCPP
A stack and register based virtual machine which can compile and run arbitrary code in runtime
Language:C++2 0 0
zhuhuibeishadiao/BlackDex
BlackDex是一个运行在Android手机上的脱壳工具，支持5.0～12，无需依赖任何环境任何手机都可以使用，包括模拟器。只需几秒，即可对已安装包括未安装的APK进行脱壳。
Language:Java1 0 0
zhuhuibeishadiao/CFB
Canadian Furious Beaver is a tool for monitoring IRP handler in Windows drivers, and facilitating the process of analyzing, replaying and fuzzing Windows drivers for vulnerabilities
Language:C++1 0 0
zhuhuibeishadiao/crtsys
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
Language:C++1 0 0
zhuhuibeishadiao/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
11
zhuhuibeishadiao/feng
data driven file format template system
1
zhuhuibeishadiao/libmem
Process & Memory Hacking Library written in C89 (Windows/Linux/BSD) (Internal/External) (x86/x64, ARM/ARM64) (C/C++)
Language:C1 0 02
zhuhuibeishadiao/manual_exception_handling
Handling C++ & __try exceptions without the need of built-in handlers.
Language:C++1 0 0
zhuhuibeishadiao/MsIoExploit
Exploit MsIo vulnerable driver
1
zhuhuibeishadiao/NoVmpy
Language:Python1 0 0
zhuhuibeishadiao/ucxxrt
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
Language:C++1 1 01
zhuhuibeishadiao/unipacker
Automatic and platform-independent unpacker for Windows binaries based on emulation
1
zhuhuibeishadiao/AceLdr
Cobalt Strike UDRL for memory scanner evasion.
zhuhuibeishadiao/ACEPatcher
A simple to use, gui based program for patching .NET assemblies
zhuhuibeishadiao/DriverBuddyReloaded
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
zhuhuibeishadiao/dumpscan
zhuhuibeishadiao/efiXplorer
IDA plugin for UEFI firmware analysis and reverse engineering automation
zhuhuibeishadiao/FindFunc
FindFunc is an IDA PRO plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints.
zhuhuibeishadiao/ghidra-atom-microcode
Ghidra Processor Module to disassemble and decompile the x86 Intel Atom microcode
zhuhuibeishadiao/hello-world
一个新的开始
Language:Shell
zhuhuibeishadiao/HexRaysCodeXplorer
Hex-Rays Decompiler plugin for better code navigation
1
zhuhuibeishadiao/Karta
Karta - source code assisted fast binary matching plugin for IDA
zhuhuibeishadiao/PicoSHA2
a header-file-only, SHA256 hash generator in C++
zhuhuibeishadiao/sgn
Shikata ga nai (仕方がない) encoder ported into go with several improvements
Language:Go0 0
zhuhuibeishadiao/SneakCalls
direct systemcalls with a modern c++20 interface.
zhuhuibeishadiao/stlkrn
C++ STL in the Windows Kernel with C++ Exception Support
1
zhuhuibeishadiao/vscode-frida
Unofficial frida extension for VSCode
zhuhuibeishadiao/wfrest
C++ Web Framework REST API
zhuhuibeishadiao/yara
The pattern matching swiss knife