Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.

The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.

Kernel Driver Utility

C++那些事

Kernel Anit Anit Debug Plugins 内核反反调试插件

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

一人公司方法论

免杀技术大杂烩---乱拳也打不死老师傅

📚 C/C++ 技术面试基础知识总结，包括语言、程序库、数据结构、算法、系统、网络、链接装载库等知识及面试经验、招聘、内推等信息。This repository is a summary of the basic knowledge of recruiting job seekers and beginners in the direction of C/C++ technology, in…

A PowerShell front-end for the Windows debugger engine.

A collection of links related to VMware escape exploits

Transparently compress active games and programs using Windows 10/11 APIs

wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")

Windows Implementation Library

Qemu KVM(Kernel Virtual Machine)学习笔记

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

HelloAmdHvPkg is a type-1 research hypervisor for AMD processors.

Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/

Scripts and cheatsheets for IDAPython

NINA: No Injection, No Allocation x64 Process Injection Technique

Resources for Windows exploit development

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

The Serenity Operating System 🐞

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

avList - 杀软进程对应杀软名称

Abusing impersonation privileges through the "Printer Bug"

A Bind Shell Using the Fax Service and a DLL Hijack

Rust for Windows

UEFI bootkit for driver manual mapping