Lossless data compression codec with LZMA-like ratios but 1.5x-8x faster decompression speed, C/C++

Educational repository for learning about rootkits and Windows Kernel Hooks.

CatDriver - The Kernel Mode Driver that written in C++. It is an useful driver and has the highest privilege level on the Windows platform. It can be used for Game Hacking and others.

Previously-0day exploit from the Hacking Team leak, written by Eugene Ching/Qavar.

user-mode filesystem framework for Windows

Examples of leaking Kernel Mode information from User Mode on Windows

A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.

Simple library to spray the Windows Kernel Pool

Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow t…

This DKOM exploit enables any app in usermode to access physical memory directly

PoC for detecting and dumping code injection (built and extended on UnRunPE)

Tutorials, tools, and more as related to reverse engineering video games.

xAnalyzer plugin for x64dbg

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

A Simple Multi-Threaded SSH Brute Forcer

x64 manualmapper with kernel elevation and thread hijacking capabilities

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, T…

Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port thi…

x86/x64 C++ Hooking Library

Small Scalable Disassembler Engine

Ultra Small Disassembler Engine

The single instruction C compiler

Runtime polymorphism done right

Clean base/cheat made for CS:GO.

👻 A LAN dropbox chatbot controllable via Telegram

Manual PE image mapper

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Handle access elevation via direct kernel object manipulation

Minimal, type safe printf replacement library for C++