-
cpueaxh
Lightweight, dependency-free x86-64 CPU emulation library with Unicorn-like guest mode and direct host-memory execution.
C++ ★ 217 1mo ago
-
iida-mcp
Faster, with excellent architecture, stronger performance, and kernel access support — an ida-mcp tool
Python ★ 203 1mo ago
-
DetectNtoskrnlIntegrity
Windows Kernel Security: Memory Integrity Verification with Disk Verification of ntoskrnl.exe
C++ ★ 28 1y ago
-
iida-dfs
Machine-learning-based function similarity analysis that helps you quickly locate matching functions across different versions of x64 binaries.
Python ★ 20 14d ago
-
EAC_Like_Import_Encrypt
EAC_Like_Import_Encrypt
C++ ★ 11 2mo ago
-
ThumbnailOverlay
An example of using DwmRegisterThumbnail to completely replicate content from another window and overlay custom content on top of it
C++ ★ 8 11mo ago
-
FoxTwo_
Windows kernel-mode driver designed for monitoring and security analysis of Windows 11 I/O Ring operations. Provides detection capabilities for IoRing-based exploitation attempts, WinRing0.sys, pool spray attacks, and cross-process buffer manipulation.
★ 4 6mo ago
-
2025-tencent-game-security-race-pre
Solution source code for the preliminary round of the 2025 Tencent Game Security Technology Competition
C++ ★ 2 1y ago
-
iced ⑂
Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for Rust, .NET, Java, Python, Lua
★ 1 6mo ago
-
KDemu ⑂
A Windows Kernel Driver Emulator based on Unicorn, Kernel Memory Dump and some of the native environment
★ 1 6mo ago
-
Simpleator ⑂
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
★ 0 7y ago
-
Action_OnePlus_MKSU_SUSFS ⑂
Automatically compile the OnePlus SukiSU kernel using GitHub Actions
★ 0 6mo ago
-
openedr ⑂
Open EDR public repository
★ 0 2y ago
-
krn-rw-ioctl ⑂
simple driver to read and write
★ 0 1y ago
-
IDA-TimeTravelEmulator ⑂
An IDA Pro plugin that simulates time-travel debugging by emulating code execution with Unicorn.
★ 0 10mo ago
-
apiscout ⑂
This project aims at simplifying Windows API import recovery on arbitrary memory dumps
★ 0 3y ago
-
Sanctum ⑂
Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.
★ 0 8mo ago
-
saferwall ⑂
Collaborative Malware Analysis Platform at Scale
★ 0 8mo ago
-
drakvuf-sandbox ⑂
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
★ 0 8mo ago
-
File-Encryption-Using-Intel-SGX ⑂
The repository contains the code for Windows console based application that uses Intel-SGX platform for file encryption/decryption using random keys.
★ 0 7y ago
-
Calypso ⑂
UEFI Bootkit with user-mode communication
★ 0 1y ago
-
Super-UEFIinSecureBoot-Disk ⑂
Super UEFIinSecureBoot Disk: Boot any OS or .efi file without disabling UEFI Secure Boot
★ 0 4y ago
-
HookHvcallCodeVa ⑂
No description.
★ 0 3y ago
-
Detect-KeAttachProcess ⑂
Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
★ 0 4y ago
-
ultimate_spoofer ⑂
A stealthy anti-fingerprinting toolkit for Windows
★ 0 1y ago
-
lilypublic ⑂
No description.
★ 0 4y ago
-
SKRoot-linuxKernelRoot ⑂
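Next-generation SKRoot: challenges every root detection method out there, takes a completely different approach from Magisk, avoids Magisk's weakness of being detected, perfectly hides root functionality, never needs to pause SELinux at any point, achieving truly zero contact with SELinux; highly versatile, works on all kernels, requires no kernel source code, patches the kernel directly, compatible with direct JNI calls from Android apps; stable, smooth, and crash-free.
★ 0 1y ago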