Unofficial frida extension for VSCode

Mirrors for my talk materials

自身学习的安全数据科学和算法的学习资料

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)

fuzzing + concolic = fuzzolic :)

L1TF (Foreshadow) VM guest to host memory read PoC

Dump of win32k POCs for bugs I've found

iOS <13.5 sandbox escape/entitlement 0day

We developed GRAT2 Command & Control (C2) project for learning purpose.

Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527

Distinguish from the verify code by machine learning.

Tool to get NT system shell .

PickleC2 is a post-exploitation and lateral movements framework

A WIP framework for post exploitation, malware research, learning win32 and the native api, and more.

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

A User Impersonation tool - via Token or Shellcode injection

Another Go Shellcode Loader using Windows APIs

Materials for Windows Malware Analysis training (volume 1)

A free but powerful Windows kernel research tool.

Official Vanguard Anti-Cheat source code.

Evasive shellcode loader for bypassing event-based injection detection (PoC)

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

Ghidra is a software reverse engineering (SRE) framework

Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider

A collection of pwn/CTF related utilities for Ghidra

Windows kernel and user mode emulation.

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditiona…

hBPF = eBPF in hardware