IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Program for determining types of files for Windows, Linux and MacOS.

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, dis…

信息安全方面的书籍

Use ci.dll API for validating Authenticode signature of files

Helper functions for calculating the authenticode digest for a portable executable file

PowerShell PE Parser

LoadLibrary for offensive operations

Kernel dwm render

An OS-level container which virtualizes Windows' file system, registry, kernel, and network communication.

Manual mapping without creating any threads, with rw only access

Linux Kernel Hacking

Connect, secure, control, and observe services.

A guide for disabling Intel Management Engine using FPT on PCH SPI

天问之路 - 学习笔记&学习周报。内容包括但不限于C++ STL、编译原理、LLVM IR Pass代码优化、CSAPP Lab、uCore操作系统等等。

physical memory introspection framework

Linux kernel hooking library

linux kernel internals research details

Tools for Linux kernel debugging on Bochs (including symbols, native Bochs debugger and IDA PRO)

Fully dockerized Linux kernel debugging environment

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practi…

Elemental - An ATT&CK Threat Library

Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)

专为程序员编写的英语学习指南 v1.2。在线版本请点 ->

健康学习到150岁 - 人体系统调优不完全指南

A /proc/mem IDA loader to snapshot a running process

BlackBox is a virtual engine, it can clone and run virtual application on Android, users don't have to install APK file to run the application on devices. BlackBox control all virtual applications,…

程序员延寿指南 | A programmer's guide to live longer

using git on tor