Lists (1)
Stars
Handling C++ & __try exceptions without the need of built-in handlers.
FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI…
Bypass ring3 (IAT, Inline) hooking techniques
Hook syscalls from ring0 without triggering PatchGuard
A library to manipulate physical memory from usermode.
A custom tool to unpack VMProtect-obfuscated executables and restore the original binary
Simple AST for reverse engineering, purely meant as an example.
Ohayou(おはよう), HTTP load generator, inspired by rakyll/hey with tui animation.
Automatic vtable detection, inheritance analysis, and function override tracking for reverse engineering compiled C++ binaries. Supports IDA Pro 9+ on any OS
Return to a 32-bit environment in an x64 program and trigger a bound exception to communicate with the driver layer via KeRegisterBoundCallback.
⚡ A curated list of awesome Svelte resources
Usermode exploit to bypass any AC using a 0day shatter attack.
😎 Awesome lists about all kinds of interesting topics
Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swapping without memory or assembly allocation.
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic…
Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)
KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulation for LSASS memory dumping on modern Windows with HVCI/VBS.
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.