MCP Server for Ghidra

Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.

Rule Snippet & Rule Set for Surge / Mihomo (Clash.Meta) / sing-box

official repository of TPCTF2025 (some challenges are still in progress)

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

Non-authoritatively making Frida less (not un-!)detectable by applying some symptomatic patches. Melded with CrackerCat/strongR-frida-android, hzzheyang/strongR-frida-android and Ylarod/Florida. No…

Search engine for CTF writeups with instant results.

基于eBPF的堆栈追踪工具

Some common reverse exps in CTF.自己总结编写的一些逆向常用脚本&&常见加密/编码的实现源码和比赛时用的处理脚本。

An XNU kernel race condition bug

这是什么？女装！存一下！

in preparation for the pyjail club

Obsidian theme as it exists in my `.obsidian` folder.

DexDumper based eBPF on Android Platform

👻 Ghostty is a fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.

Bindiff_for_IDA9 (support 9.0rc1 9.0 9.1)

yarGen is a generator for YARA rules

🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service、firda版JustTrustMe、boringssl unpinning

CorePatch / 核心破解

Virtual Engine for Android(Support 14.0 in business version)

平头哥的核心代码

out-of-tree llvm obfuscation pass plugin (dynamically loadable by rustc). || rust toolchain with obfuscation llvm pass.

基础反检测 frida-server / Basic anti-detection frida-server

Linux Runtime Security and Forensics using eBPF