40行代码检测到大部分CobaltStrike的shellcode

A somewhat wide collection of various kernelmode-usermode communication methods in one repository (mainly just for learning purposes).

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Repository of Yara Rules

🪝 Various EPT hook detection approaches

Hook system calls on Windows by using Kaspersky's hypervisor

安全运营部署指南（wazuh部署指南）

信息安全方面的书籍

View ETW Provider manifest

Advanced Privacy Tool for Windows

Source code of a multiple series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials

ELF hash manipulate tool

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Windows Anti-Rootkit Tool

Diaphora, the most advanced Free and Open Source program diffing tool.

Lightweight Intel VT-x Hypervisor.

Linux kernel source tree

ELF 文件解析程序

Linux 内核揭秘

A collection of classic computer science books from Internet

linux内核学习资料：200+经典内核文章，100+内核论文，50+内核项目，500+内核面试题，80+内核视频

Hypervisor based anti anti debug plugin for x64dbg

Lightweight Intel VT-x Hypervisor.

Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

Minimalistic VT-x hypervisor with hooks

500篇关于虚拟化的经典资料，含CPU虚拟化，磁盘虚拟化，内存虚拟化，io虚拟化。