Stars
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Free and Open Source Reverse Engineering Platform powered by rizin
RetDec is a retargetable machine-code decompiler based on LLVM.
A simple C++11 Thread Pool implementation
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
Bear is a tool that generates a compilation database for clang tooling.
Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode
Automated static analysis tools for binary programs
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…
A lightweight dynamic instrumentation library
Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
SuperDllHijack: A general DLL hijack technology, no need to manually export the same function interface of the DLL, so easy!
Walking the callstack in Windows applications
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
Manipulating and Abusing Windows Access Tokens.
Source code for File Test - Interactive File System Test Tool