UNIX-like reverse engineering framework and command-line toolset

Maintained continuation of Stefan Sundin's AltDrag

Windows tool for dumping malware PE files from memory back to disk for analysis.

A tun2socks implementation written in Go.

Power full Task Manager

绕3环的shellcode免杀框架

Reversing EasyAntiCheat.

The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.

A fork of the DiskCryptor full disk encryption tool

Public Domain C Library of Cryptographic functions. Including: MD5, SHA1, SHA256, SHA512, RC4, AES, AES-CTR, AES-OFB, AES-CBC

Contains the definitions for the Windows Internal UserMode API from ntdll.dll, samlib.dll and winsta.dll.

Collection of undocumented Windows API declarations.

Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities) to load a unsigned driver

Beacon compiled using clang

Create virtual keyboard, mouse, or joystick and send events like key press, mouse pointer movement or joystick axis over the tcp socket connection. Can also send real device events (Alpha feature).

Standalone meson compile of nVidia's nvapi.

A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022

An small utility for recover deleted file using C++ Win32 and Kernel-mode driver