Stars
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
Program for determining types of files for Windows, Linux and macOS.
fengjixuchui / mac-monitor
Forked from redcanaryco/mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, dis…
Use ci.dll API for validating Authenticode signature of files
Helper functions for calculating the authenticode digest for a portable executable file
ashr / DarkLoadLibrary
Forked from bats3c/DarkLoadLibrary
LoadLibrary for offensive operations
An OS-level container which virtualizes Windows' file system, registry, kernel, and network communication.
Manual mapping without creating any threads, with rw only access
A guide for disabling Intel Management Engine using FPT on PCH SPI
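The Tianwen Road (天问之路) - study notes & weekly study reports. Content includes, but is not limited to, C++ STL, compiler principles, LLVM IR Pass code optimization, CSAPP Lab, the uCore operating system, and more.
Linux kernel internals research details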
Tools for Linux kernel debugging on Bochs (including symbols, native Bochs debugger and IDA PRO)
Fully dockerized Linux kernel debugging environment
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practi…
Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
An English-learning guide written for programmers, v1.2. For the online version, click ->
A /proc/mem IDA loader to snapshot a running process
BlackBox is a virtual engine that can clone and run virtual applications on Android; users don't have to install the APK file to run an application on a device. BlackBox controls all virtual applications,…
Programmer Life-Extension Guide | A programmer's guide to live longer