Stars
dnSpyEx / dnSpy
Forked from dnSpy/dnSpyUnofficial revival of the well known .NET debugger and assembly editor, dnSpy
Diaphora, the most advanced Free and Open Source program diffing tool.
An IDA plugin that can be used to partially synchronize IDBs between different users reversing the same binaries
C++17 library for comfortable and efficient dynamic polymorphism
CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.
Windows KASLR bypass using prefetch side-channel
Library and tools to access the Windows XML Event Log (EVTX) format
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware—mirror of https://github.com/processhacker2/processhacker.git
idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro
Place to store our documentation, code samples, etc for public consumption.
FPGA modules used together with the PCILeech Direct Memory Access (DMA) Attack Software
This repro contains all the code and documentation for the MiniKvm project and the CH9329 controller
Demonstrate calling a kernel function and handle process creation callback against HVCI
Supplemental open-source components for use in developing device drivers for Windows.
The Windbg extensions to study Hyper-V on Intel and AMD processors.
ch347 480Mbps high-speed USB to Jtag/I2C/SPI/Uart/GPIO etc.
No source code here, this is just where I store the RU.EFI and RU.EXE binary files. They are all encrypted, please find password on my blog page.
UEFI Bootkit Framework that attacks boot-time Code Integrity
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
Calling "own" MouseClassServiceCallback
Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent
Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling without admin permissions or kernel drivers.