WindowsSecurity
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Collection of resources to learn pentesting, exploit development, obfuscation & much more.
PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and prevent access from external processes.
Beginner learning materials on how to reverse engineer video games
C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL
Windows kernel security development
Kernel memory can be read symbolically in non-test mode.
Hex-Rays Decompiler plugin for better code navigation
Hypervisor-based anti-anti-debug plugin for x64dbg
Windows kernel hacking framework, driver template, hypervisor and API written in C++
Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
A simple example of how to decrypt the kernel debugger data block
Library for importing functions from DLLs in a hidden, reverse-engineer-unfriendly way
This is a **WIP** tool that performs shellcode obfuscation in the x86 instruction set.
A library that allows using the mhyprot2 driver to enumerate process modules, read/write process memory and kill processes.
AntiSpy is a free but powerful anti-virus and rootkit toolkit. It offers you the ability, with the highest privileges, to detect, analyze and restore various kernel modifications and hooks. With …
A little tool to play with Windows security
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
Framework to test any Anti-Cheat