A cross-version Python bytecode decompiler

PyInstaller Extractor

Linux file search, instant results as you type

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

Linux通用应急响应脚本，适用大多数情况

2023年最新整理 c++后端开发，1000篇优秀博文，含内存，网络，架构设计，高性能，数据结构，基础组件，中间件，分布式相关

The pattern matching swiss knife

Netlink communication between kernel and userspace.

linux内核学习资料：200+经典内核文章，100+内核论文，50+内核项目，500+内核面试题，80+内核视频

飘云ark（pyark）

r/w virtual memory without attach

eBPF implementation that runs on top of Windows

Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools

XDP tutorial

A CoreDNS plugin that will attach an eBPF XDP program to a specified interface

A curated list of awesome projects related to eBPF.

Mimic is a eBPF virtual machine and emulator which runs in userspace

Examples for libbpf, aquasecurity/libbpfgo and cilium/ebpf

High-level tracing language for Linux

learn how to use BPF/eBPF

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

Compile eBPF program with GitHub Actions and Run locally in one line!

Template designed to get new developers with libbpf development.

Build, Distribute and Run CO-RE eBPF programs easier with JSON and Webassembly OCI images

Generate eBPF programs and tracing with ChatGPT

eBPF Developer Tutorial: Learning eBPF Step by Step with Examples

A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29

A collection of projects demonstrating various commandline cloaking techniques on Linux

Hook function calls by replacing PLT(Procedure Linkage Table) entries.

CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具，目前仅支持java语言。实现从源码反编译，数据库生成，脆弱性发现的全过程，可以辅助代码审计人员快速定位源码可能存在的漏洞。