Pinned Repositories
exploit-RemoteDesktopServerDriver
exploit termdd.sys(support kb4499175)
JunkDriveOpenSource
Some garbage drivers written for getting started
MiniVTx64
Intel Virtualization Technology demo
NewHideDriverEx
Hide Driver By MiProcessLoaderEntry
ntoskrnl
The Windows Research Kernel (WRK)
ObRegisterCallBacksByPass
old bypass
PatchGuardResearch
win10 pgContext dynamic dump (btc version)
PathModification
Process path modification x64
PFHook
Page fault hook use ept (Intel Virtualization Technology)
WskHttp
Windows kernel drivers simple HTTP library for modern C++
zhuhuibeishadiao's Repositories
zhuhuibeishadiao/NtRays
Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
zhuhuibeishadiao/StackVMCPP
A stack and register based virtual machine which can compile and run arbitrary code in runtime
zhuhuibeishadiao/BlackDex
BlackDex是一个运行在Android手机上的脱壳工具,支持5.0~12,无需依赖任何环境任何手机都可以使用,包括模拟器。只需几秒,即可对已安装包括未安装的APK进行脱壳。
zhuhuibeishadiao/CFB
Canadian Furious Beaver is a tool for monitoring IRP handler in Windows drivers, and facilitating the process of analyzing, replaying and fuzzing Windows drivers for vulnerabilities
zhuhuibeishadiao/crtsys
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
zhuhuibeishadiao/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
zhuhuibeishadiao/feng
data driven file format template system
zhuhuibeishadiao/libmem
Process & Memory Hacking Library written in C89 (Windows/Linux/BSD) (Internal/External) (x86/x64, ARM/ARM64) (C/C++)
zhuhuibeishadiao/manual_exception_handling
Handling C++ & __try exceptions without the need of built-in handlers.
zhuhuibeishadiao/MsIoExploit
Exploit MsIo vulnerable driver
zhuhuibeishadiao/NoVmpy
zhuhuibeishadiao/ucxxrt
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
zhuhuibeishadiao/unipacker
Automatic and platform-independent unpacker for Windows binaries based on emulation
zhuhuibeishadiao/AceLdr
Cobalt Strike UDRL for memory scanner evasion.
zhuhuibeishadiao/ACEPatcher
A simple to use, gui based program for patching .NET assemblies
zhuhuibeishadiao/DriverBuddyReloaded
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
zhuhuibeishadiao/dumpscan
zhuhuibeishadiao/efiXplorer
IDA plugin for UEFI firmware analysis and reverse engineering automation
zhuhuibeishadiao/FindFunc
FindFunc is an IDA PRO plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints.
zhuhuibeishadiao/ghidra-atom-microcode
Ghidra Processor Module to disassemble and decompile the x86 Intel Atom microcode
zhuhuibeishadiao/hello-world
一个新的开始
zhuhuibeishadiao/HexRaysCodeXplorer
Hex-Rays Decompiler plugin for better code navigation
zhuhuibeishadiao/Karta
Karta - source code assisted fast binary matching plugin for IDA
zhuhuibeishadiao/PicoSHA2
a header-file-only, SHA256 hash generator in C++
zhuhuibeishadiao/sgn
Shikata ga nai (仕方がない) encoder ported into go with several improvements
zhuhuibeishadiao/SneakCalls
direct systemcalls with a modern c++20 interface.
zhuhuibeishadiao/stlkrn
C++ STL in the Windows Kernel with C++ Exception Support
zhuhuibeishadiao/vscode-frida
Unofficial frida extension for VSCode
zhuhuibeishadiao/wfrest
C++ Web Framework REST API
zhuhuibeishadiao/yara
The pattern matching swiss knife