Open Source EDR for Windows

EDR Lab for Experimentation Purposes

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

AV/EDR Evasion

Simulate the behavior of AV/EDR for malware development training.

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

Disable PatchGuard and Driver Signature Enforcement at boot time

一个基于VT的开源调试器 界面是delphi编写

For when DLLMain is the only way

超轻量级中文ocr，支持竖排文字识别, 支持ncnn、mnn、tnn推理 ( dbnet(1.8M) + crnn(2.5M) + anglenet(378KB)) 总模型仅4.7M

Demonstrates implementation of the Windows 10 Acrylic Effect on C++ Win32 Apps using DWM Private APIs and Direct Composition

Document ETW providers

A small x64 library to load dll's into memory.

Fork from Microsoft

In-memory hiding technique

Reflective DLL Injection Made Bella

Implementation of Indirect Syscall technique to pop a calc.exe

ClamAV - Documentation is here: https://docs.clamav.net

Universal modifier for Chromium/V8 | 广谱注入 Chromium/V8 的通用修改器

WinRing0 is a hardware access library for Windows.

Siver微信机器人

EvolveUI is a modern, highly styled Qt6 QML front-end component library dedicated to providing a consistent, elegant, and responsive UI experience for cross-platform applications. Inspired by Teleg…

Weaponize DLL hijacking easily. Backdoor any function in any DLL.

Windows版本微信客户端（非网页版）自动化，可实现简单的发送、接收微信消息，简单微信机器人

🐍Python 3 wrapper of Microsoft UIAutomation. Support UIAutomation for MFC, WindowsForm, WPF, Modern UI(Metro UI), Qt, IE, Firefox, Chrome ...

学无止下载器，慕课下载器，Mooc网课下载，中国大学慕课，网易云课堂，有道精品课，有道领世，启航教育，腾讯课堂，腾讯会议，钉钉，飞书，B站课堂，中公网校，荔枝微课，海豚知道，伯索云，爱问云，百家云，希望学，希望学素养，希望优课，高途，途途，高途高中规划，高途素养，研途，学浪，抖音课堂，千聊，兴趣岛，橙啦，超星学习通，学银在线，智慧职教，职教云，知到智慧树，网易公开课，学堂在线，爱课程，华尔街…

Cross platform RPC library using shared memory.

This repository serves as the official issue tracking place for InstallForge.