【Windows内核安全】真棒Windows内核安全开发 | 人工智能开发者中心

apaas.dev

31 May 2022

SEO Title

awesome-windows-kernel-security-development

category

软件开发

awesome-windows-kernel-security-development

powershell

github.com/rootclay/Powershell-Attack-Guide

pe file format

github.com/corkami/pics

asm ide

github.com/ThomasJaeger/VisualMASM
github.com/Dman95/SASM
github.com/mrfearless/UASM-with-RadASM

meltdown/spectre poc

github.com/turbo/KPTI-PoC-Collection
github.com/gkaindl/meltdown-poc
github.com/feruxmax/meltdown
github.com/Eugnis/spectre-attack

lightweight c++ gui library

github.com/Xoliper/ANGE
github.com/iUIShop/LibUIDK (mfc skin ui)
github.com/zlgopen/awtk
github.com/idea4good/GuiLite
github.com/golang-ui/nuklear
github.com/Dovyski/cvui
github.com/andlabs/libui
github.com/hasaranga/RFC-Framework
github.com/dustpg/LongUI
github.com/bognikol/Eleusis

direct ui

github.com/caozhiyi/DuiLib_c
www.skinui.cn/
www.showdoc.cc/skinui?page_id=135303
help.5yyz.com/665984
github.com/SOUI2/soui
github.com/netease-im/NIM_Duilib_Framework
github.com/gclxry/EasyDuilib
github.com/v-star0719/MFC_LogicalWnd
github.com/duzhi5368/FKDuiLibEditor
github.com/wanttobeno/bkuilib
github.com/wanttobeno/XSkin1.0
github.com/idea4good/GuiLite
github.com/redrains/DuiLib_Redrain
github.com/wanttobeno/UIDesigner
github.com/zhongyang219/TrafficMonitor
github.com/wanttobeno/Duilib_Extension
github.com/zhongyang219/MusicPlayer2
github.com/nmgwddj/duilib_tutorial
github.com/redrains/DuiLib_Redrain
github.com/nmgwddj/InstallAssist
github.com/netease-im/NIM_PC_UIKit
github.com/nmgwddj/Optimizer
github.com/nmgwddj/BarPCMaster (netbar)

chrome

github.com/shuax/GreenChrome

chrome Extension

github.com/Tuhinshubhra/ExtAnalysis

cef

github.com/JelinYao/MyChrome
github.com/fanfeilong/cefutil
github.com/acristoffers/CEF3SimpleSample
github.com/sanwer/Browser

WebBrowser

github.com/zhichao281/duilib-MiniBlinkBrowser
github.com/litehtml/litebrowser
github.com/venam/Browser (lib)
github.com/wanttobeno/Study_IWebBrowser2

d3d

github.com/QianMo/Direct3D-Win32-Book-Src-Code
github.com/MKXJun/DirectX11-With-Windows-SDK
github.com/ThirteenAG/d3d9-wrapper

opencv

github.com/JimmyHHua/opencv_tutorials

bass

github.com/r10s/BASS_VST

lua

github.com/vinniefalco/LuaBridge

c++ 11/14/17/20

github.com/0voice/cpp_new_features
github.com/akkaze/ThreadPool
github.com/xiaoweiChen/CPP-Concurrency-In-Action-2ed-2019
github.com/xiaoweiChen/CPP-17-STL-cookbook
github.com/changkun/modern-cpp-tutorial

cmake

github.com/xiaoweiChen/CMake-Cookbook

DesignPattern

design-patterns.readthedocs.io/zh_CN/latest/index.html
github.com/Waleon/DesignPatterns
github.com/GoodmanTao/DesignPatternInC

c++ & js

github.com/xhawk18/promise-cpp
github.com/panopticoncentral/jsrt-wrappers
github.com/wargio/WSH-Framework
github.com/ExpLife0011/WebBrowser
github.com/wanttobeno/Study_mujs

gdi/gdi+

www.mctrl.org/ (win32 control lib)
github.com/wanttobeno/AlphaEditor
github.com/wanttobeno/FastZoomDemo (zoom)
github.com/wanttobeno/GdiPlusTextEffect
github.com/wanttobeno/GdiPlusString
github.com/wanttobeno/WindowFinder
github.com/wanttobeno/ymagine
github.com/wanttobeno/levels-adjustment
github.com/wanttobeno/ElipsePic
github.com/wanttobeno/windows-effect
github.com/wanttobeno/Study_easing_animation
github.com/wanttobeno/Study_FindPicAlgorithm (find picture algorithm)
github.com/wanttobeno/Window_GlassIntro_demo

QT

github.com/ShowFL/Toou-2D
github.com/jaredtao/TaoQuick
github.com/feiyangqingyun/qucsdk
github.com/feiyangqingyun/QWidgetDemo
github.com/feiyangqingyun/qtkaifajingyan
github.com/feiyangqingyun/QWidgetExe

computer vision & machine learning

github.com/wanttobeno/sod

compress

github.com/wanttobeno/snappy

Dongle

github.com/wanttobeno/Dongle

spy++

github.com/wjx0912/MySpy

Shell Extension for Windows Explorer

github.com/derceg/explorerplusplus
github.com/XhmikosR/perfmonbar (perfmonbar)
github.com/abhimanyusirohi/ThumbFish (nice demo)
github.com/matssigge/JASE
github.com/Oeffner/MtzExtInfoTip
github.com/danielgrigg/ContextMenuDemo
github.com/monolithpl/stexbar
github.com/CaSchmidt/csMenu
github.com/blndev/ExplorerUtilitys
github.com/pke/Windows-Explorer-OSGi-Shell-Extensions
github.com/Anton-V-K/MultiThumbExtension
github.com/0ffffffffh/ffmpegShellExtension
github.com/Ralph-Lee/WinShellExt
github.com/slivermeteor/LockKeys
github.com/alexandermenze/ShellExtensionInfoTip
github.com/jbrandwood/EditWith
github.com/calzakk/CyoHash
github.com/asa75asa/ImageResizer
github.com/tillig/JunctionShellExtensions
github.com/keybase/KBShellExt
github.com/T800G/StatusBar7
github.com/vladm3/ShellExtension
github.com/sop/cygextreg
github.com/AndreasVerhoeven/HTMLPreviewShellExtension
github.com/alvinhochun/KritaShellExtension
github.com/AUTOMATIC1111/3ds-shell
github.com/google/google-drive-shell-extension
github.com/TortoiseGit/TortoiseGit
github.com/sanje2v/MantaPropertyExtension
github.com/phwitti/cmdhere

windows system programming

github.com/dengqizhou30/AIAssistC
github.com/solemnwarning/rehex (hex editor)
github.com/progmboy/openprocmon (procmon)
github.com/ezrealik/AI-Icarus (AI iflytek SDK)
rufus.ie/ (Create bootable USB drives the easy way)
github.com/emmanuel-marty/em_inflate (Fast, small, in-memory inflate (zlib, deflate and gzip decompression))
github.com/skadro-official/skCrypter (string crypt)
github.com/hynninen/win-pbkdf2
github.com/K0rz3n/PatchesTester (check system patch info)
github.com/nccgroup/WindowsJobLock (Windows Process Lockdown Tool using Job Objects)
github.com/long123king/TokenInsight
github.com/btbd/access (Access without a real handle)
github.com/CoatiSoftware/Sourcetrail (Source code explorer)
github.com/DoubleLabyrinth/WindowsSudo
github.com/AzureGreen/NetView
github.com/MFCer/AutoUpdate
github.com/ufrisk/LeechCore (Physical Memory Acquisition Library)
github.com/marcosd4h/sysmonx
github.com/Dankirk/RegSLScan
github.com/nogginware/mstscdump
github.com/zodiacon/ApiSetView
github.com/DOGSHITD/SciDetectorApp (SCI)
github.com/DOGSHITD/AcpiTool (ACPI)
github.com/VertexToEdge/WindowFunctionTracer
github.com/sganis/golddrive
github.com/yanncam/exe2powershell
github.com/owodelta/coilgun (Direct API Calling)
github.com/NYAN-x-CAT/Disable-Windows-Defender
github.com/d35ha/CallObfuscator
github.com/zodiacon/RegEditX
github.com/ZhanLang/jcfs (everything)
github.com/ZhanLang/msdk (sdk)
github.com/MiroKaku/ConMon
github.com/SinaKarvandi/Process-Magics
github.com/LoukaMB/ExceptionSupervisor
github.com/zmrbak/PcWeChatHooK
github.com/not-matthias/Nemesis (process dumper)
github.com/QAX-A-Team/EventCleaner
github.com/BlackINT3/none (common lib)
github.com/77Sera/BrowserSecurity
github.com/amitwaisel/Malproxy (Proxy system calls over an RPC channel)
github.com/jnastarot/soul_eater (it can extract functions from .dll, .exe, .sys)
github.com/mtth-bfft/lsobj
github.com/mtth-bfft/ntsec
github.com/fritzone/obfy
github.com/microsoft/NetworkDirect
github.com/jay/gethooks
github.com/laxodev/RAII-WINAPI-Memory-Manager
github.com/hfiref0x/WDExtract
github.com/binbibi/libedge
github.com/bb107/WinSudo
github.com/can1357/WinFaults
github.com/Silica/sandbox
github.com/horsicq/Nauz-File-Detector
github.com/horsicq/xntsv (nt struct)
github.com/jnastarot/shibari (pe+)
github.com/NoMoreFood/WinPriv
github.com/yejiansnake/windows-sys-base
github.com/lifenjoiner/pacdbger
github.com/lifenjoiner/sendto-plus
github.com/billziss-gh/winspd
github.com/ffiirree/Capturer
github.com/Claybird/lhaforge
github.com/jjzhang166/nargnos-WindowsUtil
github.com/cool2528/baiduCDP
github.com/anhkgg/SuperWeChatPC
github.com/Alex3434/GetHDDSerial
github.com/TonyChen56/HackerTools
github.com/libyal/liblnk
github.com/NtRaiseHardError/Kaiser
github.com/mengskysama/V8 (chrome v8 engine)
github.com/locustwei/WorkBack
github.com/360-A-Team/EventCleaner
github.com/Microsoft/Windows-classic-samples
github.com/troldal/OpenXLSX (.xlsx format)
github.com/mity/windrawlib (GDI+ Helper)
github.com/henrypp/errorlookup
github.com/longmode/authzsec-mod-um (AppContainer and ACL)
github.com/henrypp/memreduct
github.com/thomaslaurenson/LiveDiff (live diff)
github.com/thomaslaurenson/CellXML-offreg (hive file parse)
github.com/zhaolong/libparser (static lib parse)
github.com/WildByDesign/Privexec
github.com/KangLin/RabbitIm
github.com/kingsunc/MiniDump
github.com/amdf/reparselib
github.com/Zero3K/connectfusion (download manager)
github.com/Zero3K/ERAM (RAM Disk)
github.com/bailey27/cppcryptfs ( gocryptfs encrypted overlay filesystem)
github.com/etsubu/MacroRecorder (recording keyboard and mouse macros)
github.com/wyrover/CodeLib
github.com/Rprop/CppDLL (dll to .h and lib)
github.com/seledka/syslib
github.com/leecher1337/regremap
github.com/webees/ADkiller
github.com/skysilent/coroutine_study (fiber)
github.com/ruusty/NAntMenu
github.com/chrdavis/PIFShellExtensions
github.com/codepongo/zshellext
github.com/lz77win/lz77win_sources
github.com/Microsoft/perfview
github.com/GameTechDev/PresentMon
github.com/hfiref0x/BSODScreen
github.com/CasualX/LibEx
github.com/syhyz1990/baiduyun
github.com/WalkingCat/SymDiff
github.com/libyal/libevtx
github.com/wanttobeno/Screenshot
github.com/scarsty/tinypot
github.com/jonasblunck/DynHook
github.com/y11en/PEBFake (PEB fake)
github.com/wanttobeno/mousehook (setwindowhook)
github.com/wanttobeno/DXF-Viewer
github.com/wanttobeno/XmlConfigDemo
github.com/wanttobeno/GeneralHashFunctions
github.com/wanttobeno/Chrome-base-cpu
github.com/wanttobeno/stl_util
github.com/wanttobeno/LinkHelper
github.com/wanttobeno/Ring3GetProcessInfo
github.com/zsummer/breeze
github.com/wanttobeno/SoftWareManager
github.com/wanttobeno/GetMacAddress
github.com/wanttobeno/HtmlViewer
github.com/wanttobeno/AltServer
github.com/wanttobeno/GetPeInfo
github.com/wanttobeno/notepad
github.com/wanttobeno/PELearningMaterials
github.com/wanttobeno/Detours_4.0.1
github.com/wanttobeno/skinsb
github.com/wanttobeno/DLib-Attacher
github.com/wanttobeno/VmpHandle
github.com/wanttobeno/ScopeGuard (resource safe delete)
github.com/wanttobeno/HashMapDemo
github.com/wanttobeno/nanob (protobuf)
github.com/wanttobeno/baidu-sofa-pbrpc-win (protobuf)
github.com/xlet/UpdateClient
github.com/wanttobeno/AesFileProtection
github.com/wanttobeno/IeProxy
github.com/wanttobeno/MyProtocol
github.com/wanttobeno/Window_KeyAndMouseHook
github.com/wanttobeno/doublebufferedqueue (double buffered queue)
github.com/DoubleLabyrinth/010Editor-keygen (keygen)
github.com/wanttobeno/Cpp11ThreadPool
github.com/wanttobeno/Study_shellcode (shellcode)
github.com/wanttobeno/Study_algorithm (data struct)
github.com/wanttobeno/ThreadPool
github.com/wanttobeno/Study_threadpool (thread pool)
github.com/wanttobeno/Study_Websocket (websocket)
github.com/Amanieu/asyncplusplus
github.com/wanttobeno/Study_Socket
github.com/wanttobeno/DllProtect
github.com/allenyllee/The-CPUID-Explorer
github.com/wanttobeno/SunDaySearchSignCode
github.com/wanttobeno/x64_AOB_Search (fast search memory algorithm)
github.com/wanttobeno/iQIYI_Web_Video_Upload (http simulate upload)
github.com/wanttobeno/Study_XiaoMi_Login (https simulate login)
github.com/fawdlstty/NetToolbox
github.com/hzqst/FuckCertVerifyTimeValidity
github.com/717021/PCMgr (task manager)
github.com/silverf0x/RpcView (rpc)
github.com/ez8-co/unlocker ()
github.com/nkga/self-updater (framework for secure self-update)
github.com/liamkirton/sslcat (nc with ssl)
github.com/Seineruo/RSA-Tool
github.com/PBfordev/wxAutoExcel
github.com/ax330d/Symex
github.com/Biswa96/PDBDownloader
github.com/Biswa96/TraceEvent
github.com/hfiref0x/Misc
github.com/SergioCalderonR/DelSvc
github.com/wyrover/win-privileges-examples (DACL)
github.com/nccgroup/WindowsDACLEnumProject (DACL)
github.com/xqymain/ServerLocker
github.com/wanttobeno/SunDaySearchSignCode (fast search memory)
github.com/zhongyang219/SimpleNotePad
github.com/zhongyang219/TrafficMonitor
github.com/codereba/data_scrambler (scrambler)
github.com/3gstudent/Catch-specified-file-s-handle (enum file handle)
github.com/intel/safestringlib
github.com/eyusoft/asutlity
github.com/ThomasThelen/BrowserLib
github.com/OSRDrivers/dirchange
github.com/OSRDrivers/deleteex (FileDispositionInfoEx)
github.com/notscimmy/YASS (sig scanner)
github.com/942860759/BrowserHistory
github.com/NoMoreFood/putty-cac
github.com/NoMoreFood/Repacls
github.com/NoMoreFood/WinPriv
github.com/NoMoreFood/Crypture
github.com/Microsoft/winfile
github.com/mullvad/windows-libraries
github.com/wjcsharp/wintools
github.com/nmgwddj/logs-monitor
github.com/nmgwddj/TaskbarTool
github.com/nmgwddj/DevCon
github.com/nmgwddj/SystemProcessInfo
github.com/nmgwddj/ServiceMgr

etw

github.com/pierricgimmig/orbitprofiler

wsl/unix

github.com/Mermeze/wslam (wsl anti malware)
github.com/Biswa96/WSLInstall
github.com/Biswa96/WslReverse
github.com/Biswa96/XConPty
github.com/mintty/wsltty.appx

device tree

github.com/MartinDrab/VrtuleTree

irp monitor

github.com/MartinDrab/IRPMon

nt crucial modules

github.com/MeeSong/Nt-Crucial-Modules

windows kernel driver

github.com/kkent030315/anycall (x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration)
github.com/yardenshafir/DpcWait (DPC)
github.com/can1357/NtLua (Lua in kernel)
github.com/mrexodia/NtPhp (Php in kernel)
github.com/DownWithUp/CallMon
github.com/BadPlayer555/KernelGDIDraw (GDI)
github.com/alxbrn/km-um-communication
github.com/DavidXanatos/IgnoreACLs
github.com/hfiref0x/KDU (Kernel Driver Utility)
github.com/zhuhuibeishadiao/JunkDriveOpenSource
github.com/dearfuture/DriverTutorial
github.com/G4rb3n/Windows-Driver
github.com/btbd/wpp (Intercepting DeviceControl via WPP)
github.com/maharmstone/smbfs (SMB filesystem driver for Windows)
github.com/maharmstone/btrfs (Windows driver for the next-generation Linux filesystem Btrfs)
github.com/zodiacon/windowskernelprogrammingbook (sample)
github.com/0xcpu/ExecutiveCallbackObjects
github.com/alxbrn/r6s-external-nuklear-socket
github.com/vmcall/dxgkrnl_hook
github.com/alxbrn/kdmapper-1803-1903
github.com/juniorjacob/readwrite-kernel-stable
github.com/mstefanowich/IsFileSigned
github.com/apriorit/antirootkit-anti-splicer
github.com/Mouka-Yang/KernelDriverDemo
github.com/tomLadder/WinLib
github.com/coltonon/MoaRpm
github.com/wanttobeno/ProcessManager_Ring0
github.com/wanttobeno/Win_Driver_Mouse_And_Key
github.com/wanttobeno/Win64DriverStudy_Src
github.com/tdevuser/MalwFinder
github.com/Sqdwr/WriteFile_IRP
github.com/nmgwddj/learn-windows-drivers
github.com/mq1n/EasyRing0

windows kernel driver with c++ runtime

github.com/MiroKaku/ucxxrt (R3 / R0 C++ Runtime Lib)
github.com/jxy-s/stlkrn (C++ STL in the Windows Kernel with C++ Exception Support)
github.com/r1cky33/kernel_gdi_renderer
github.com/haram/kernel_library
github.com/avakar/vcrtl
github.com/ZhanLang/msddk
github.com/DragonQuestHero/Kernel-Force-Delete (force delete file)
github.com/MeeSong/WDKExt
github.com/HoShiMin/Kernel-Bridge (power)
github.com/wjcsharp/Common
github.com/ExpLife/DriverSTL
github.com/sysprogs/BazisLib
github.com/AmrThabet/winSRDF
github.com/sidyhe/dxx
github.com/zer0mem/libc
github.com/eladraz/XDK
github.com/vic4key/Cat-Driver
github.com/AndrewGaspar/km-stl
github.com/zer0mem/KernelProject
github.com/zer0mem/miniCommon
github.com/jackqk/mystudy
github.com/yogendersolanki91/Kernel-Driver-Example

blackbone

github.com/AbinMM/MemDllLoader_Blackbone
github.com/hzqst/unicorn_pe
github.com/nofvcks/AimKit-Pasted-Driver
github.com/alexpsp00/x-elite-loader
github.com/DarthTon/Xenos
github.com/DarthTon/Blackbone

hidinput

github.com/changeofpace/MouHidInputHook
github.com/hawku/TabletDriver
github.com/ViGEm/HidGuardian
github.com/ecologylab/EcoTUIODriver
github.com/djpnewton/vmulti
github.com/duzhi5368/FKHIDKeyboardSimTest (support usb)
github.com/Jehoash/WinIO3.0

dkom

github.com/alal4465/Win_Rootkit (Kernel RAT X86)
github.com/waryas/EUPMAccess
github.com/notscimmy/pplib
blog.csdn.net/zhuhuibeishadiao/article/details/51136650 (get process full path name)
bbs.pediy.com/thread-96427.htm (modify process image name)
github.com/ZhuHuiBeiShaDiao/PathModification
github.com/ZhuHuiBeiShaDiao/NewHideDriverEx
github.com/Sqdwr/HideDriver
github.com/nbqofficial/HideDriver
github.com/landhb/HideProcess
github.com/tfairane/DKOM

ssdt hook

github.com/crvvdev/MasterHide (x64)
github.com/iPower/KasperskyHook
github.com/Sqdwr/64-bits-inserthook
github.com/int0/ProcessIsolator
github.com/mrexodia/TitanHide (x64dbg Plugin)-(DragonQuestHero Suggest)
github.com/papadp/shd
github.com/bronzeMe/SSDT_Hook_x64
github.com/s18leoare/Hackshield-Driver-Bypass
github.com/sincoder/hidedir
github.com/wyrover/HKkernelDbg
github.com/CherryZY/Process_Protect_Module
github.com/weixu8/RegistryMonitor
github.com/nmgwddj/Learn-Windows-Drivers

eat/iat/object/irp/iat hook

github.com/jguo52/IOCTL-hook
github.com/hugsy/CFB (Irp Hook)
github.com/Rat431/ColdKernel_KUSER
github.com/hasherezade/IAT_patcher
github.com/Cyrex1337/hook.lib
github.com/hMihaiDavid/hooks
github.com/Scorbutics/IATHook
github.com/amazadota/AFD-HOOK-
github.com/wyyqyl/HookIAT
github.com/smore007/remote-iat-hook
github.com/m0n0ph1/IAT-Hooking-Revisited
github.com/xiaomagexiao/GameDll
github.com/HollyDi/Ring0Hook
github.com/mgeeky/prc_xchk
github.com/tinysec/iathook

InfinityHook

github.com/FiYHer/InfinityHookPro
github.com/huoji120/MakeInfinityHookGreatAgain
github.com/p4xon/SyscallHook
yanjuan.xyz/2019/08/syscallhook/
github.com/huoji120/huoji_debuger
github.com/everdox/InfinityHook

inline hook

github.com/adrianyy/kernelhook
github.com/gfreivasc/VMTHook
github.com/zhipeng515/MemberFunctionHook （member function hook）
github.com/windy32/win32-console-hook-lib
github.com/M0rtale/Universal-WndProc-Hook
github.com/a7031x/HookApi
github.com/blaquee/APCHook
github.com/simonberson/ChromeURLSniffer
github.com/codereversing/sehveh_hook
github.com/Matviy/LeagueReplayHook
github.com/jonasblunck/DP
github.com/XBased/xhook
github.com/rokups/hooker
github.com/Ayuto/DynamicHooks
github.com/sincoder/wow64hook
github.com/strobejb/sslhook
github.com/petrgeorgievsky/gtaRenderHook
github.com/WopsS/RenHook
github.com/chinatiny/InlineHookLib (R3 & R0)
github.com/tongzeyu/HookSysenter
github.com/idkwim/frookSINATRA (x64 sysenter hook)
github.com/VideoCardGuy/HideProcessInTaskmgr
github.com/MalwareTech/FstHook
github.com/Menooker/FishHook
github.com/G-E-N-E-S-I-S/latebros
bbs.pediy.com/thread-214582.htm

hook engine

github.com/nektra/Deviare-InProc
github.com/btbd/smap
github.com/gdabah/distormx
github.com/danielkrupinski/vac-hooks
github.com/vol4ok/libsplice (r3 & r0)
github.com/HoShiMin/HookLib (r3 & r0)
github.com/Rebzzel/kiero (d3d hook)
github.com/aschrein/apiparse
github.com/zyantific/zyan-hook-engine
github.com/jonasblunck/DP (com hook)
github.com/jonasblunck/DynHook
github.com/wanttobeno/ADE32_InlineHook
github.com/coltonon/RegHookEx (mid function)
github.com/Synestraa/ArchUltimate.HookLib
github.com/DominicTobias/detourxs
github.com/Ilyatk/HookEngine
github.com/zyantific/zyan-hook-engine
github.com/martona/mhook
github.com/EasyHook/EasyHook
github.com/RelicOfTesla/Detours
github.com/stevemk14ebr/PolyHook
github.com/TsudaKageyu/minhook
github.com/Microsoft/Detours
github.com/Microwave89/ntapihook

anti hook

github.com/outflanknl/Dumpert
github.com/nickcano/ReloadLibrary

inject technique (ring0)

github.com/SDXT/MMInject (Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL)
github.com/Vicshann/GInjer
github.com/r1cky33/Basic-GUI-Loader
github.com/alxbrn/kernel-injector
github.com/btbd/modmap
github.com/Mecanik/MecanikProcessBreaker
github.com/mactec0/Kernelmode-manual-mapping-through-IAT
github.com/adrianyy/KeInject
github.com/Sqdwr/LoadImageInject
github.com/haidragon/NewInjectDrv
github.com/alex9191/Kernel-dll-injector (DllInjectFromKernel)
github.com/wbenny/keinject (ApcInjectFromKernel)
github.com/repnz/apc-research (APC)

inject technique (ring3)

github.com/Broihon/GH-Injector-Library
github.com/antonioCoco/Mapping-Injection (MapViewOfFile2)
github.com/theevilbit/injection
github.com/SafeBreach-Labs/pinjectra
github.com/odzhan/injection
github.com/M-r-J-o-h-n/SWH-Injector
github.com/nccgroup/ncloader (A session-0 capable dll injection utility)
github.com/vmcall/eye_mapper (BattlEye x64 usermode injector)
github.com/Shaxzy/VibranceInjector
github.com/xiaobo93/UnModule_shellcode_Inject
github.com/Cybellum/DoubleAgent
github.com/realoriginal/reflective-rewrite (InjectFromMemory)
github.com/blaquee/APCHook (apc inject)
github.com/secrary/InjectProc
github.com/ez8-co/yapi (Yet Another Process Injector)
github.com/UserExistsError/InjectDll (InjectFromMemory)
github.com/notscimmy/libinject
github.com/BorjaMerino/tlsInjector (tls)
github.com/BorjaMerino/Pazuzu (InjectFromMemory)
github.com/strobejb/injdll
github.com/strivexjun/DriverInjectDll (MapInjectDll)
github.com/sud0loo/ProcessInjection
github.com/apriorit/SvcHostDemo
github.com/can1357/ThePerfectInjector
github.com/VideoCardGuy/X64Injector
github.com/papadp/reflective-injection-detection (InjectFromMemory)
github.com/psmitty7373/eif (InjectFromMemory)
github.com/rokups/ReflectiveLdr (InjectFromMemory)
github.com/BenjaminSoelberg/ReflectivePELoader (InjectFromMemory)
github.com/NtRaiseHardError/Phage (InjectFromMemory)
github.com/dismantl/ImprovedReflectiveDLLInjection (InjectFromMemory)
github.com/CylanceVulnResearch/ReflectiveDLLRefresher (InjectFromMemory)
github.com/amishsecurity/paythepony (InjectFromMemory)
github.com/deroko/activationcontexthook
github.com/ez8-co/yapi (Cross x86 & x64 injection)
github.com/georgenicolaou/HeavenInjector
github.com/tinysec/runwithdll
github.com/NtOpcode/NT-APC-Injector
github.com/caidongyun/WinCodeInjection
github.com/countercept/doublepulsar-usermode-injector
github.com/mq1n/DLLThreadInjectionDetector
github.com/hkhk366/Memory_Codes_Injection
github.com/chango77747/ShellCodeInjector_MsBuild
github.com/Zer0Mem0ry/ManualMap
github.com/secrary/InfectPE
github.com/zodiacon/DllInjectionWithThreadContext
github.com/NtOpcode/RtlCreateUserThread-DLL-Injection
github.com/hasherezade/chimera_loader
github.com/Ciantic/RemoteThreader
github.com/OlSut/Kinject-x64
github.com/tandasat/RemoteWriteMonitor
github.com/stormshield/Beholder-Win32
github.com/secrary/InjectProc
github.com/AzureGreen/InjectCollection
github.com/uItra/Injectora
github.com/rootm0s/Injectors
github.com/Spajed/processrefund
github.com/al-homedawy/InjecTOR
github.com/OlSut/Kinject-x64
github.com/stormshield/Beholder-Win32
github.com/yifiHeaven/MagicWall

WoW64 <-> x64

github.com/wolk-1024/WoW64Utils
github.com/dadas190/Heavens-Gate-2.0
github.com/leecher1337/ntvdmx64
github.com/hyzhangzhy/WindowX
github.com/georgenicolaou/HeavenInjector
github.com/georgenicolaou/W64oWoW64
github.com/Rprop/X86Call
github.com/rwfpl/rewolf-wow64ext
github.com/ovidiuvio/libntdbg
github.com/haidragon/x86tox64
github.com/3gstudent/CreateRemoteThread
github.com/RaMMicHaeL/Textify

anti autorun

github.com/analyst004/autorun

anti dll inject

0cch.com/2015/04/10/e998b2e6ada2global-windows-hookse6b3a8e585a5e79a84e4b880e4b8aae696b9e6b395/ (global hook)
blog.csdn.net/songjinshi/article/details/7808561 (message hook)
blog.csdn.net/songjinshi/article/details/7808624 (message hook)
github.com/mq1n/DLLThreadInjectionDetector
github.com/analyst004/antinject
github.com/ExpLife/BotKiller

load Dll from memory

github.com/hasherezade/module_overloading
github.com/UserExistsError/DllLoaderShellcode
github.com/jnastarot/native_peloader
github.com/fancycode/MemoryModule
github.com/strivexjun/MemoryModulePP

Unpack dll load in runtime

github.com/1ce0ear/DllLoaderUnpacker

dll hijack

github.com/itm4n/CDPSvcDllHijacking
github.com/Cybereason/siofra (identify and exploit)
github.com/anhkgg/SuperDllHijack
github.com/strivexjun/AheadLib-x86-x64
github.com/zeffy/proxydll_template

com hijack

github.com/leoloobeek/COMProxy
github.com/enigma0x3/MessageBox

anti dll hijack

github.com/fortiguard-lion/anti-dll-hijacking

process hollowing

github.com/xfgryujk/InjectExe
github.com/m0n0ph1/Basic-File-Crypter
github.com/Spajed/processrefund
github.com/KernelMode/Process_Doppelganging
github.com/hasherezade/process_doppelganging
github.com/m0n0ph1/Process-Hollowing
github.com/KernelMode/RunPE-ProcessHollowing
github.com/KernelMode/RunPE_Detecter

pe loader

github.com/FrankStain/pe-loader
github.com/VideoCardGuy/PELoader

memory pe dumper

github.com/glmcdona/Process-Dump

dll map detection

github.com/vmcall/MapDetection

dll to shellcode

github.com/w1nds/dll2shellcode

dll to exe

github.com/hasherezade/dll_to_exe

hide process

github.com/M00nRise/ProcessHider

hide & delete dll

github.com/strivexjun/HideDll
github.com/wyyqyl/HideModule

load driver from memory

github.com/rogerxiii/kernel-codecave-poc
github.com/ZhuHuiBeiShaDiao/DriverMaper
github.com/fadetrack/KernelMemoryModule (Enable Exception)
github.com/not-wlan/driver-hijack
github.com/Professor-plum/Reflective-Driver-Loader

bypass memory scanner

github.com/Microwave89/rtsectiontest

KeUserModeCallBack

github.com/Sqdwr/KeUserModeCallBack

callback

github.com/Vicshann/PEProtectDrv
github.com/fdiskyou/windows-ps-callbacks-experiments
github.com/maxkray13/Cvc (Communication via callback)
github.com/socjordi/sauron
github.com/OSRDrivers/kmexts (callbacks)
github.com/godaddy/procfilter (yara-integrated)
github.com/McSimp/unfairplay
github.com/jjdredd/procsentinel (verify the address space of a process)
github.com/SanseoLab/simpleAVdriver
github.com/SanseoLab/ProcLogger
github.com/notscimmy/libelevate
github.com/ZhuHuiBeiShaDiao/ObRegisterCallBacksByPass
github.com/Sqdwr/RemoveCallBacks
github.com/JKornev/hidden
github.com/binbibi/CallbackEx
github.com/swwwolf/cbtest
github.com/nmgwddj/Learn-Windows-Drivers
github.com/SamLarenN/CallbackDisabler

keyboard filter

github.com/supermanc88/KeyboardEncrypt

usb filter

github.com/changeofpace/MouClassInputInjection
github.com/GoodstudyChina/USBlocker

sfilter

github.com/JokerRound/FlieSystemFilter
github.com/haidragon/sfilter

minifilter

github.com/hkx3upper/FOKS-TROT (Transparent Encryption)
github.com/shubham0d/SymBlock (prevent symbolic link exploits)
github.com/TimelifeCzy/HIPS-HIDS_CveMod (CVE HIPS)
github.com/roman-allen/FSFilterDriver
github.com/jefrimustapa/detect-filename-block
github.com/lxt1045/FileLogger
github.com/vitalikpi/FileWall
github.com/Mermeze/System-Monitor
github.com/cn505240/lightweight-reactive-snapshot-service
github.com/aviadyifrah/NAGuard
github.com/y0n0622/DriversCode
github.com/NotSurprised/MiniLogger
github.com/hidd3ncod3s/hipara
github.com/NtRaiseHardError/Providence
github.com/maaaaz/mimicertz
github.com/MUmesha/SecureFile
github.com/anystayisjk/WordEncrypt
github.com/anystayisjk/EncryptEngine
github.com/yedushusheng/FileEncryption
github.com/JokerMars/engine
github.com/icedxu/Monitor
github.com/smartinm/diskcryptor (disk encrypt)
github.com/hedgeh/SEWindows (HIPS)
github.com/474172261/DataProtector
github.com/CynicalApe/Minifilter-CSHARP-ConsoleApp
github.com/NtRaiseHardError/Anti-Delete (File anti delete)
github.com/Randomize163/FSDefender
github.com/ETEFS/ETEFS_Mini
github.com/gfleury/ProtegeDados_ProjetoFinal
github.com/denisvieriu/Portable-Executable-Minifilter-Driver
github.com/surajfale/passthrough-minifilter-driver
github.com/louk78/Virgo
github.com/tandasat/Scavenger
github.com/dubeyprateek/HideFiles
github.com/aleksk/LazyCopy
github.com/guidoreina/minivers
github.com/idkwim/mfd
github.com/Coxious/Antinvader
github.com/tandasat/Scavenger
github.com/fishfly/X70FSD
github.com/ExpLife/BKAV.Filter

anti Ransomware

github.com/NtRaiseHardError/Antimalware-Research
github.com/clavis0x/AntiRansomware
github.com/DecryptoniteTeam/Decryptonite
github.com/ofercas/ransomware_begone

virtual disk

github.com/zhaozhongshu/winvblock_vs
github.com/yogendersolanki91/Kernel-Driver-Example

virtual file system

github.com/ufrisk/MemProcFS (The Memory Process File System)
github.com/TanninOne/usvfs
github.com/ExpLife/CodeUMVFS
github.com/yogendersolanki91/ProcessFileSystem
github.com/BenjaminKim/dokanx

lpc

github.com/avalon1610/LPC

alpc

github.com/LoukaMB/Beacon
github.com/avalon1610/ALPC

lsp/spi

github.com/TinkerBravo/SPIRemove
github.com/AnwarMohamed/Packetyzer

afd

github.com/batteryshark/AfdProxy
github.com/xiaomagexiao/GameDll
github.com/DeDf/afd
github.com/a252293079/NProxy

tdi

github.com/wanttobeno/wmifilter
github.com/xue-blood/adfilter
github.com/alex9191/NetDriver (send & receive HTTP requests)
github.com/alex9191/ZeroBank-ring0-bundle
github.com/Sha0/winvblock
github.com/michael4338/TDI
github.com/cullengao/tdi_monitor
github.com/uniking/TDI-Demo
github.com/codereba/netmon

wfp

github.com/jellever/StreamDivert
github.com/gifur/NetworkMnt
github.com/guidoreina/http_inspect
github.com/ZhanLang/netmonsys
github.com/reinhardvz/enumwfp
github.com/BOT-Man-JL/WFP-Traffic-Redirection-Driver
github.com/henrypp/simplewall
github.com/dfct/PortMapper (Port Map)
github.com/TinkerBravo/WFPKit
github.com/Arno0x/DivertTCPconn
github.com/mullvad/libwfp
github.com/gifur/NetworkMnt
github.com/ss-abramchuk/OpenVPNAdapter/blob/f016614ed3dec30672e4f1821344b7992825a98d/OpenVPN%20Adapter/Vendors/openvpn/openvpn/tun/win/wfp.hpp
github.com/itari/vapu
github.com/ValdikSS/GoodbyeDPI
github.com/basil00/Divert
github.com/WPO-Foundation/win-shaper
github.com/raymon-tian/WFPFirewall
github.com/killbug2004/HashFilter
github.com/henrypp/simplewall
docs.microsoft.com/zh-cn/windows-hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp
github.com/thecybermind/ipredir

ndis

github.com/pr0v3rbs/MalSiteBlocker
github.com/Beamer-LB/netmap/tree/stable/WINDOWS
github.com/ndemarinis/ovs/tree/22a1ba42f8137cd3532b54880b19b51d4b87440d/datapath-windows/ovsext
github.com/markjandrews/CodeMachineCourse/tree/5473d4ea808791c2a048f2c8c9c86f011a6da5e8/source/kerrkt.labs/labs/NdisLwf
github.com/openthread/openthread/tree/master/examples/drivers/windows
github.com/Hartigan/Firewall
github.com/zy520321/ndis-filter
github.com/yuanmaomao/NDIS_Firewall
github.com/SoftEtherVPN/Win10Pcap
github.com/IsoGrid/NdisProtocol
github.com/lcxl/lcxl-net-loader
www.ntkernel.com/windows-packet-filter/
github.com/michael4338/NDIS
github.com/IAmAnubhavSaini/ndislwf
github.com/OpenVPN/tap-windows6
github.com/SageAxcess/pcap-ndis6
github.com/uniking/NDIS-Demo
github.com/mkdym/NDISDriverInst
github.com/debugfan/packetprot
github.com/Iamgublin/NDIS6.30-NetMonitor
github.com/nmap/npcap
github.com/Ltangjian/FireWall
github.com/Microsoft/Windows-driver-samples/tree/master/network/config/bindview
github.com/brorica/http_inject (winpcap)

game accelerator

github.com/NetchX/Netch

wsk

github.com/Deputation/kernel_sockets_memory
github.com/adrianyy/rw_socket_driver
github.com/wbenny/KSOCKET
github.com/xalley/WskHttp
github.com/reinhardvz/wsk
github.com/akayn/kbMon
github.com/02strich/audionet
github.com/mestefy/securityplus
github.com/skycipher/CNGProvider

rootkits

github.com/FiYHer/kernel_window_hide (hide window from kernel)
github.com/KANKOSHEV/NoScreen (hide window from kernel)
github.com/FiYHer/EASY-HWID-SPOOFER
github.com/jguo52/NtCompareSigningLevel-hook (NtCompareSigningLevels)
github.com/bytecode77/living-off-the-land (fileless)
github.com/D4stiny/spectre
github.com/thesecretclub/window_hijack
github.com/Mr-Un1k0d3r/SCShell
github.com/realoriginal/doublepulsar-poc
github.com/zouxianyu/PhysicalMemoryRW
github.com/zouxianyu/KernelHiddenExecute
github.com/isoadam/gina_public
github.com/GayPig/driverless-basic-driver
github.com/zerosum0x0/smbdoor
github.com/Alex3434/wmi-static-spoofer
github.com/KIDofot/BypassDriverDetection_And_Kill360Process
github.com/longmode/UTKModule
github.com/nkga/cheat-driver (read/write memory of arbitrary processes)
github.com/lantaoxu/HWIDFaker (hwid fake)
github.com/zerosum0x0/puppetstrings
github.com/Synestraa/Highcall-Library (Highcall)
github.com/Microwave89/drvtricks
github.com/Psychotropos/xhunter1_privesc (XIGNCODE3)
github.com/ionescu007/r0ak (RWE)
github.com/cyberweapons/cyberweapons
github.com/huoji120/AV-Killer
github.com/Sqdwr/DeleteFile
github.com/Sqdwr/DeleteFileByCreateIrp
github.com/Mattiwatti/PPLKiller
github.com/bfosterjr/ci_mod
github.com/HoShiMin/EnjoyTheRing0
github.com/hfiref0x/ZeroAccess
github.com/hackedteam/driver-win32
github.com/hackedteam/driver-win64
github.com/csurage/Rootkit
github.com/bowlofstew/rootkit.com
github.com/Nervous/GreenKit-Rootkit
github.com/bytecode-77/r77-rootkit
github.com/Cr4sh/WindowsRegistryRootkit
github.com/Alifcccccc/Windows-Rootkits
github.com/Schnocker/NoEye
github.com/christian-roggia/open-myrtus
github.com/Cr4sh/DrvHide-PoC
github.com/mstefanowich/SquiddlyDiddly2
github.com/MalwareTech/FakeMBR
github.com/Cr4sh/PTBypass-PoC
github.com/psaneme/Kung-Fu-Malware
github.com/hasherezade/persistence_demos
github.com/MinhasKamal/TrojanCockroach
github.com/akayn/kbMon

mbr

github.com/Cisco-Talos/MBRFilter

bootkits

github.com/btbd/umap
github.com/DeviceObject/rk2017
github.com/DeviceObject/ChangeDiskSector
github.com/DeviceObject/Uefi_HelloWorld
github.com/DeviceObject/ShitDrv
github.com/DeviceObject/DarkCloud
github.com/nyx0/Rovnix
github.com/MalwareTech/TinyXPB
github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit
github.com/NextSecurity/Gozi-MBR-rootkit
github.com/NextSecurity/vector-edk
github.com/ahixon/booty

uefi/smm

github.com/SunnyKi/bareBoot
github.com/DeviceObject/Uefi_HelloWorld
github.com/LongSoft/UEFITool
github.com/dude719/UEFI-Bootkit
github.com/quarkslab/dreamboot
github.com/gyje/BIOS_Rootkit
github.com/scumjr/the-sea-watcher
github.com/zhuyue1314/stoned-UEFI-bootkit
github.com/hackedteam/vector-edk
github.com/Cr4sh/SmmBackdoor
github.com/Cr4sh/PeiBackdoor
github.com/Cr4sh/fwexpl

bootloader

github.com/apriorit/custom-bootloader

smc

github.com/marcusbotacin/Self-Modifying-Code

anti debug

github.com/sharepub/CheckVM-Sandbox
github.com/nihilboy/anti
github.com/atlantis2013/Evasion-Tools
github.com/AlicanAkyol/sems
github.com/strivexjun/XAntiDebug
github.com/marcusbotacin/Anti.Analysis
github.com/LordNoteworthy/al-khaser
github.com/eschweiler/ProReversing

crypters

github.com/m0n0ph1/FileCrypter
github.com/iGh0st/Crypters

malware

github.com/Freakboy/CobaltStrike
github.com/vxunderground/Vx-Engines
github.com/rokups/virtual-reality (backdoor)
github.com/InQuest/malware-samples
github.com/mstfknn/malware-sample-library
github.com/Darkabode/possessor
github.com/Darkabode/zerokit
github.com/NYAN-x-CAT/AsyncRAT-C-Sharp (C#)
github.com/zerosum0x0/koadic (JScript RAT)
github.com/malwaredllc/bamf
github.com/malwaredllc/byob (py)
github.com/fereh/tacekit
github.com/eset/malware-ioc
github.com/lianglixin/RemoteControl-X3
github.com/Souhardya/UBoat (HTTP)
github.com/malwares/Botnet
github.com/RafaelGSS/HyzMall
github.com/DeadNumbers/Pegasus
github.com/mdsecactivebreach/SharpShooter
github.com/mwsrc/XtremeRAT
github.com/mwsrc/Schwarze-Sonne-RAT (delphi)
github.com/Mr-Un1k0d3r/ThunderShell (powershell)
github.com/DimChris0/LoRa
github.com/marcusbotacin/Malware.Multicore
github.com/bxlcity/malware
github.com/grcasanova/SuperVirus
github.com/hackedteam/core-win32
github.com/hackedteam/scout-win
github.com/hackedteam/vector-dropper

EternalBlue && Doublepulsar && Mine

github.com/xmrig/xmrig
github.com/TolgaSEZER/EternalPulse

shellcode analysis

github.com/OALabs/BlobRunner

malware analysis

github.com/huoji120/DuckMemoryScan
github.com/JPCERTCC/EmoCheck
github.com/G4rb3n/Malware-Killer
github.com/G4rb3n/Malware-Picture
github.com/a232319779/mmdt
github.com/Formyown/Alesense-Antivirus (nice demo)
github.com/ctxis/capemon (Config And Payload Extraction)
github.com/tdevuser/MalwFinder
github.com/MalwareCantFly/Vba2Graph
github.com/unexpectedBy/Automated-Malware-Analysis-List
github.com/wchen-r7/amsiscanner (Microsoft's Antimalware Scan Interface)
github.com/ctxis/capemon
github.com/kevthehermit/RATDecoders
github.com/marcusbotacin/Malware.Variants
github.com/marcusbotacin/Hardware-Assisted-AV
github.com/gentilkiwi/spectre_meltdown
github.com/gentilkiwi/wanadecrypt
github.com/bloomer1016
github.com/CHEF-KOCH/malware-research
github.com/gentilkiwi/wanakiwi

av evasion

github.com/sv3nbeast/ImgLoaderShellCode
github.com/ReddyyZ/GhostShell
github.com/nccgroup/Winpayloads
github.com/TideSec/BypassAntiVirus
github.com/jthuraisamy/SysWhispers
github.com/huoji120/Antivirus_R3_bypass_demo
github.com/paranoidninja/CarbonCopy

arktools

github.com/D4stiny/PeaceMaker (detects advanced techniques used by malware)
github.com/MHaggis/sysmon-dfir (sysmon)
github.com/antiwar3/py
github.com/weixu8/pcmonitor (kpolarssl)
github.com/mohuihui/antispy
github.com/DavidXanatos/TaskExplorer
github.com/BlackINT3/OpenArk
github.com/basketwill/Sysmon_reverse
github.com/ZhuHuiBeiShaDiao/KernelHooksDetection_x64
github.com/AxtMueller/Windows-Kernel-Explorer
github.com/hedgeh/SEWindows (doc:hedgeh.github.io/startup.html)
github.com/glmcdona/MALM
github.com/ahmad-siavashi/Ana-Process-Explorer
github.com/alex9191/KernelModeMonitor
github.com/marcosd4h/memhunter
github.com/gleeda/memtriage
github.com/KernelMode/Process_Dop
github.com/hm200958/kmdf--analyse
github.com/AzureGreen/WinNT-Learning
github.com/marcusbotacin/BranchMonitoringProject
github.com/AzureGreen/ArkProtect
github.com/AzureGreen/ArkToolDrv
github.com/HollyDi/PCAssistant
github.com/ChengChengCC/Ark-tools
github.com/swatkat/arkitlib
github.com/swwwolf/wdbgark
github.com/zibility/Anti-Rootkits
github.com/SLAUC91/AntiCheat
github.com/sincoder/A-Protect
github.com/apriorit/antirootkit-anti-splicer
github.com/kedebug/ScDetective
github.com/PKRoma/ProcessHacker
github.com/AndreyBazhan/DbgExt
github.com/comaeio/SwishDbgExt
github.com/ExpLife/atomic-red-team
github.com/shenghe/pcmanager
github.com/lj1987new/guardlite
github.com/hackshields/antivirus/
github.com/AntiRootkit/BDArkit

EDR

github.com/jthuraisamy/TelemetrySourcerer
github.com/ION28/BLUESPAWN
github.com/ComodoSecurity/openedr

bypass patchguard

github.com/zhuhuibeishadiao/PatchGuardResearch
github.com/can1357/ByePg
github.com/zzhouhe/PG1903
github.com/9176324/Shark
github.com/hfiref0x/UPGDSED
github.com/tandasat/PgResarch
github.com/killvxk/DisableWin10PatchguardPoc
github.com/tandasat/findpg
github.com/zer0mem/HowToBoostPatchGuard
bbs.pediy.com/thread-214582.htm

bypass dse

github.com/alxbrn/gdrv-loader
github.com/Mattiwatti/EfiGuard
github.com/hfiref0x/TDL
github.com/hfiref0x/DSEFix

HackSysExtremeVulnerableDriver

github.com/redogwu/windows_kernel_exploit
github.com/mgeeky/HEVD_Kernel_Exploit
www.fuzzysecurity.com/tutorials.html
rootkits.xyz/blog/
github.com/hacksysteam/HackSysExtremeVulnerableDriver
github.com/k0keoyo/HEVD-Double-Free-PoC
github.com/k0keoyo/HEVD-Arbitrary-Overwrite-Exploit-Win10-rs3
github.com/tekwizz123/HEVD-Exploit-Solutions
github.com/k0keoyo/try_exploit
github.com/Cn33liz/HSEVD-VariousExploits
github.com/Cn33liz/HSEVD-StackOverflow
github.com/Cn33liz/HSEVD-StackOverflowX64
github.com/Cn33liz/HSEVD-StackCookieBypass
github.com/Cn33liz/HSEVD-ArbitraryOverwriteGDI
github.com/Cn33liz/HSEVD-StackOverflowGDI
github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL
github.com/Cn33liz/HSEVD-ArbitraryOverwrite
github.com/akayn/demos

windows exploits

github.com/peleghd/Windows-10-Exploitation
github.com/NAXG/cve_2019_0708_bluekeep_rce (RDP)
github.com/wchen-r7/VulnCases (cases)
github.com/rockmelodies/CVE-2019-0708-Exploit (RDP)
github.com/admintony/svnExploit
github.com/smgorelik/Windows-RCE-exploits
github.com/WindowsExploits/Exploits
github.com/codewhitesec/UnmarshalPwn
github.com/shellphish/how2heap
github.com/externalist/exploit_playground
github.com/cervoise/Abuse-bash-for-windows

linux exploits

github.com/ylcangel/exploits

windows kernel exploits

github.com/bluefrostsecurity/Meltdown-KVA-Shadow-Leak (Meltdown Reloaded: Breaking Windows KASLR by Leaking KVA Shadow Mappings)
github.com/synacktiv/Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion
github.com/gdabah/win32k-bugs
github.com/SouhailHammou/Drivers (ATP bypass)
www.unknowncheats.me/forum/anti-cheat-bypass/334557-vulnerable-driver-megathread.html?nsukey=CkSGplDUMAWaGbr8btXXDeNqNyzCau83773dZHbUgTD2KbfFsN4ReqwwjwB1TE2jjUz0HHSUQSrvX7JZ%2BtA0RPQFg5pWsGwlyCVT6EW1cF8Y%2BDfa%2Fd8KHdi%2FFG5mj6oTcKaCfR%2BQmUANoXeWHbzursQ68JQdcT5zfCKwgR7ZutAla5N%2FHH8448BpwB4nKJuBB0ns7Ex0vVB7O8j%2BkcFaug%3D%3D
github.com/n3k/EKOParty2015_Windows_SMEP_Bypass (SEMP bypass)
github.com/saaramar/execve_exploit (WSL)
github.com/siberas/CVE-2016-3309_Reloaded
github.com/moccajoghurt/drvmap_secure
github.com/fishstiqz/poolinfo
github.com/cbayet/Exploit-CVE-2017-6008
github.com/cbayet/PoolSprayer (pool spray)
github.com/DownWithUp/CVE-2018-15499 (race condition)
github.com/SandboxEscaper/randomrepo (win10 LPE)
github.com/jackson5-sec/TaskSchedLPE (LPE)
github.com/HarsaroopDhillon/AHNLab-0day(LPE)
github.com/paranoidninja/Pandoras-Box
github.com/MarkHC/HandleMaster
github.com/can1357/physical_mem_controller
github.com/can1357/safe_capcom
github.com/can1357/CVE-2018-8897
github.com/JeremyFetiveau/Exploits
github.com/hfiref0x/Stryker
github.com/swwwolf/obderef
github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
github.com/cbayet/PoolSprayer
github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC
github.com/k0keoyo/Driver-Loaded-PoC
github.com/k0keoyo/try_exploit
github.com/k0keoyo/CVE-2015-2546-Exploit
github.com/k0keoyo/Dark_Composition_case_study_Integer_Overflow
github.com/tinysec/vulnerability
github.com/akayn/demos
github.com/abatchy17/WindowsExploits
github.com/recodeking/WindowsExploitation
github.com/GDSSecurity/Windows-Exploit-Suggester
github.com/rwfpl/rewolf-pcausa-exploit
github.com/ratty3697/HackSpy-Trojan-Exploit
github.com/SecWiki/windows-kernel-exploits
github.com/sensepost/ms16-098
github.com/shjalayeri/sysret
github.com/sam-b/windows_kernel_resources
github.com/sensepost/gdi-palettes-exp
github.com/ExpLife/ByPassCfg
github.com/Rootkitsmm/WinIo-Vidix
github.com/andrewkabai/vulnwindrv
github.com/mwrlabs/CVE-2016-7255
github.com/MarkHC/HandleMaster
github.com/SamLarenN/CapcomDKOM
github.com/zerosum0x0/puppetstrings
github.com/zerosum0x0/ShellcodeDriver
github.com/Rootkitsmm/WinIo-Vidix
github.com/progmboy/kernel_vul_poc
github.com/rwfpl/rewolf-msi-exploit
github.com/rwfpl/rewolf-pcausa-exploit
github.com/Rootkitsmm/Win10Pcap-Exploit
github.com/Rootkitsmm/MS15-061
github.com/Rootkitsmm/cve-2016-0040
github.com/Rootkitsmm/CVEXX-XX
github.com/sensepost/ms16-098
github.com/Trietptm-on-Security/bug-free-adventure
github.com/sam-b/CVE-2014-4113
github.com/Rootkitsmm/OpenVpn-Pool-Overflow
github.com/Rootkitsmm/UnThreatAVDriver-DOS
github.com/Cr4sh/ThinkPwn
github.com/hfiref0x/CVE-2015-1701
github.com/tyranid/windows-logical-eop-workshop
github.com/google/sandbox-attacksurface-analysis-tools
github.com/tyranid/ExploitRemotingService
github.com/tyranid/DeviceGuardBypasses
github.com/tyranid/ExploitDotNetDCOM
github.com/hatRiot/token-priv(EOP)
github.com/weizn11/MS17010_AllInOne
github.com/TeskeVirtualSystem/MS17010Test

race condition

github.com/0xcpu/dijuno

LPE

github.com/ly4k/CallbackHell
github.com/itm4n/PrintSpoofer
github.com/yusufqk/SystemToken
github.com/itm4n/UsoDllLoader
github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation
github.com/AlessandroZ/BeRoot
github.com/HackerPide/The-Division-Bypass (division bypass)
github.com/khr0x40sh/WhiteListEvasion
github.com/ohpe/juicy-potato
github.com/nmulasmajic/syscall_exploit_CVE-2018-8897
github.com/codewhitesec/UnmarshalPwn
ohpe.github.io/juicy-potato/

linux exploit

github.com/Lazenca/Exploit-tech
github.com/Lazenca/Kernel-exploit-tech

office exploit

github.com/houjingyi233/office-exploit-case-study
github.com/rxwx/CVE-2017-8570

flash exploit

github.com/brianwrf/CVE-2017-4878-Samples

sandbox

github.com/Cisco-Talos/pyrebox
github.com/taiFansou/Proteibox

sandbox escape

github.com/b4rtik/ATPMiniDump
github.com/ray-cp/vm-escape
github.com/xairy/vmware-exploitation
github.com/649/Chrome-Sandbox-Exploit
github.com/SilverMoonSecurity/SandboxEvasion
github.com/exAphex/SandboxEscape
github.com/Fel0ny/Sandbox-Detection
github.com/CheckPointSW/InviZzzible
github.com/MalwareTech/AppContainerSandbox
github.com/tyranid/IE11SandboxEscapes
github.com/649/Chrome-Sandbox-Exploit
github.com/google/sandbox-attacksurface-analysis-tools
github.com/conix-security/zer0m0n
github.com/iceb0y/windows-container
github.com/s7ephen/SandKit
github.com/D4Vinci/Dr0p1t-Framework
github.com/cryptolok/MorphAES
github.com/mtalbi/vm_escape
github.com/unamer/vmware_escape
github.com/erezto/lua-sandbox-escape
github.com/brownbelt/Edge-sandbox-escape
github.com/shakenetwork/vmware_escape
github.com/Cr4sh/prl_guest_to_host

anti exploit

github.com/shjalayeri/Pwnypot
github.com/shjalayeri/MCEDP
github.com/Empier/Anti-Exploit

cve

github.com/r0eXpeR/supplier ()
github.com/stong/CVE-2020-15368
github.com/yardenshafir/CVE-2020-1034
github.com/ioncodes/CVE-2020-16938
github.com/Ascotbe/Kernelhub
github.com/DownWithUp/CVE-Stockpile
github.com/ollypwn/CVE-2020-0601
github.com/bluefrostsecurity/CVE-2019-1215 (LPE)
github.com/apt69/COMahawk
github.com/DownWithUp/CVE-Stockpile
github.com/badd1e/Disclosures
github.com/Barakat/CVE-2019-16098 (LPE)
github.com/qazbnm456/awesome-cve-poc#cve-2016-3088
github.com/Vlad-tri/CVE-2019-1132
github.com/RingLcy/VulnerabilityAnalysisAndExploit
github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453
github.com/o0xmuhe/RealWorldPwn
github.com/sophoslabs/CVE-2019-0888 (ADO UAF)
github.com/Iamgublin/CVE-2019-0803 (LPE)
github.com/ze0r/cve-2019-0808-poc
github.com/Ridter/acefile
github.com/Ridter/Exchange2domain
github.com/ze0r/cve-2018-8453-exp
github.com/gravitational/cve-2018-1002105
github.com/LyleMi/dom-vuln-db
github.com/renorobert/virtualbox-cve-2018-2844
github.com/LiuCan01/cve-list-pro
github.com/CVEProject/cvelist

hips

github.com/daterlove/ActiveDefense
github.com/secrary/DrSemu
github.com/godaddy/procfilter
github.com/BrunoMCBraga/Kernel-Whisperer
malwaretips.com/threads/av-self-protection-process-c-c.66200/
github.com/zareprj/JAV-AV-Engine
github.com/0xdabbad00/OpenHIPS
github.com/ExpLife/Norton_AntiVirus_SourceCode
github.com/majian55555/MJAntiVirusEngine
github.com/develbranch/TinyAntivirus
github.com/tandasat/EopMon
github.com/tandasat/MemoryMon

windows hypervisor

github.com/FoxHex0ne/HyperViper
github.com/comaeio/LiveCloudKd
github.com/0vercl0k/pywinhv
github.com/gamozolabs/falkervisor_grilled_cheese
github.com/redogwu/hyper-v
github.com/Ekrte/hithithit
github.com/Microsoft/FirewallEventMonitor
github.com/ionescu007/Simpleator
github.com/StrikerX3/whvpclient

kvm

github.com/david942j/kvm-kernel-example

vt

github.com/qq1045551070/ShotHv
github.com/Air14/HyperHide (anti anti debug & x64dbg plugin)
github.com/amiryeshurun/HyperWin
github.com/sooqua/VanderLeague (hack lol)
github.com/cyberus-technology/hedron.git
github.com/kukrimate/grr
github.com/hvmi/hvmi
github.com/napocahv/napoca
github.com/SinaKarvandi/HyperDbg
github.com/jonomango/mango-library (🥭windows memory library aimed towards game hacking)
github.com/chillancezen/ZeldaOS.x86_64
github.com/9176324/Daat
github.com/eyalz800/zpp_hypervisor
github.com/stonedreamforest/Mirage
github.com/IgorKorkin/MemoryRanger
github.com/hrbust86/SvmNest
github.com/Kelvinhack/DeviceMon
github.com/Kelvinhack/NoTruth
github.com/udosteinberg/NOVA
github.com/changeofpace/VivienneVMM (stealthy debugging framework)
github.com/tklengyel/drakvuf
github.com/gamozolabs/applepie
github.com/haidragon/newbluepill
github.com/Gbps/gbhv
github.com/ionescu007/SimpleVisor
github.com/xdel/bluepillstudy
github.com/SinaKarvandi/Hypervisor-From-Scratch
github.com/wbenny/hvpp
github.com/Sqdwr/Multi_CPU_VtBase
github.com/marche147/IoctlMon
github.com/ionescu007/SimpleVisor
github.com/zer0mem/MiniHyperVisorProject
github.com/zer0mem/ShowMeYourGongFu
github.com/zer0mem/HyperVisor
github.com/marche147/SimpleVT
github.com/DarthTon/HyperBone
github.com/nick-kvmhv/splittlb
github.com/zareprj/Vmx_Prj
github.com/ZhuHuiBeiShaDiao/MiniVTx64
github.com/tandasat/HyperPlatform
github.com/hzqst/Syscall-Monitor
github.com/asamy/ksm
github.com/in12hacker/VT_64_EPT
github.com/ZhuHuiBeiShaDiao/PFHook
github.com/tandasat/FU_Hypervisor
github.com/tandasat/DdiMon
github.com/tandasat/GuardMon
github.com/yqsy/VT_demo
github.com/OkazakiNagisa/VTbasedDebuggerWin7
github.com/Ouroboros/JuusanKoubou
github.com/aaa1616/Hypervisor
github.com/Nukem9/VirtualDbg
github.com/Nukem9/VirtualDbgHide
github.com/cheat-engine/cheat-engine
github.com/Kelvinhack/kHypervisor

firmware

github.com/platomav/MEAnalyzer

fuzzer

github.com/math1as/Windows-GDI-fuzzer
github.com/strongcourage/uafuzz
github.com/HyperDbg/HyperDbg (An x86-64 VT-x based Windows Debugger)
www.youtube.com/user/gamozolabs/videos (great fuzz courses)
github.com/aflsmart/aflsmart
github.com/FoxHex0ne/DocParseFuzzingResources
github.com/vanhauser-thc/AFLplusplus (AFLPlusPlus)
github.com/zhunki/Superion
github.com/uds-se/fuzzingbook
github.com/wcventure/WasmFuzz
github.com/wcventure/FuzzingPaper (paper)
github.com/FoxHex0ne/Silfen
bbs.pediy.com/thread-255544.htm
bbs.pediy.com/thread-255162.htm (winafl)
github.com/bin2415/fuzzing_paper
github.com/mxmssh/manul
github.com/nccgroup/fuzzowski
github.com/rk700/uniFuzzer (closed-source binaries fuzzer)
github.com/trailofbits/sienna-locomotive
github.com/compsec-snu/razzer
github.com/wcventure/FuzzingPaper
github.com/mwrlabs/ViridianFuzzer (fuzz Hyper-V hypercalls)
github.com/GoSSIP-SJTU/TripleDoggy
github.com/payatu/EMFFuzzer
github.com/googleprojectzero/bochspwn-reloaded
github.com/googleprojectzero/p0tools
github.com/wnagzihxa1n/BrowserSecurity
github.com/Dongdongshe/neuzz
github.com/nickjackson2011/study-TTF_format
github.com/oxagast/ansvif
github.com/hfiref0x/ROCALL
github.com/bin2415/fuzzing_paper
github.com/CERTCC/dranzer (activex/com)
github.com/lcatro/How-to-Read-Source-and-Fuzzing (learn fuzzer)
github.com/sogeti-esec-lab/RPCForge
github.com/RootUp/BFuzz
github.com/necst/crave
github.com/IOActive/FuzzNDIS
github.com/bee13oy/AV_Kernel_Vulns/tree/master/Zer0Con2017
github.com/k0keoyo/kDriver-Fuzzer (whereisk0shl.top/post/2018-01-30)
github.com/koutto/ioctlbf
github.com/Cr4sh/ioctlfuzzer
github.com/Cr4sh/MsFontsFuzz
github.com/hfiref0x/NtCall64
github.com/Rootkitsmm/Win32k-Fuzzer
github.com/mwrlabs/KernelFuzzer
github.com/SignalSEC/kirlangic-ttf-fuzzer
github.com/demi6od/Smashing_The_Browser
github.com/marche147/IoctlMon
github.com/k0keoyo/Some-Kernel-Fuzzing-Paper

fuzz

github.com/antonio-morales/Fuzzing101
github.com/Kiprey/Skr_Learning
kiprey.github.io/categories/

emet

github.com/codingtest/EMET

hotpatch

github.com/codingtest/windows_hotpatch

memory hack

github.com/Empier/MemoryEditor

game

github.com/scarsty/kys-cpp

game network accelerator

github.com/csharpHub/aiocloud

game hack

github.com/BeneficialCode/Game-Cheating-Tutorial
github.com/khang06/mhynot2.git
github.com/sooqua/VanderLeague (LOL)
github.com/Speedi13/ROP-COMPILER (VAC / PB)
github.com/Aki2k/BEDaisy(battleyes kernel driver) ![Github stars](https://shields.io/github/stars/Aki2k/BEDaisy(battleyes?style=social) ![Github forks](https://shields.io/github/forks/Aki2k/BEDaisy(battleyes?style=social) ![Github watchers](https://shields.io/github/watchers/Aki2k/BEDaisy(battleyes?style=social)
github.com/dretax/GarHal_CSGO (csgo)
github.com/nbqofficial/kernel-csgo (csgo)
www.youtube.com/playlist?list=PL8TEddGT5w_j80QNqkFwl3stUTxlHol_h (LOL)
github.com/mq1n/BadEye (BattlEye)
github.com/NMan1/Rainbow-Six-Cheat
github.com/FiYHer/How-to-create-a-csgo-cheating-program
github.com/NMan1/Internal-Rainbow-Six-Cheat
github.com/Vaseliinikives/Fortnite-External
github.com/Joona70/fortnite-cheat-source-public
github.com/qofeharaf/IGodsEye
github.com/Wando1423/Antario
github.com/zH4x/SoT-DLL (esp)
github.com/huoji120/apex_full_cheat
github.com/CasualX/apexbot
github.com/tomLadder/Call-of-Duty-Black-Ops-III-Cheat
github.com/vmcall/battleye_emulation
github.com/JakeDahl/ApexStuff
github.com/luciouskami/LOL-CN-Anti-AntCheat
github.com/danielkrupinski/Osiris
github.com/ApexLegendsUC/anti-cheat-emulator
github.com/EternityX/DEADCELL-CSGO
github.com/adrianyy/EACReversing （EAC）
github.com/EquiFox/KsDumper (process dump from kernel space)
github.com/EternityX/DEADCELL-CSGO
github.com/M-T3K/GameHacking
github.com/nanoric/pkn
github.com/luciouskami/APEX-EACBypass
github.com/fenix01/cheatengine-library (cheatengine library wrapper)
github.com/GoodstudyChina/CSGO-Cheat
github.com/Nixer1337/Nixware-GMOD
github.com/DragonQuestHero/PUBG-PAK-Hacker (BattlEye)
github.com/GameHackingBook/GameHackingCode
github.com/danielkrupinski/Osiris (Counter-Strike)
github.com/moccajoghurt/MemWars
github.com/dsasmblr/hacking-online-games
github.com/dsasmblr/game-hacking
github.com/daswareinfach/Battleye-VAC-EAC-Kernel-Bypass (BattlEye)
blog.his.cat/a/fuck_battleye.cat (BattlEye)
github.com/Tai7sy/BE_Fuck (Battleye)
github.com/Synestraa/Highcall-Library
github.com/cheat-engine/cheat-engine
github.com/DreamHacks/dreamdota
github.com/yoie/NGPlug-in
github.com/DevelopKits/proj
github.com/VideoCardGuy/ExpTool_GUI
github.com/VideoCardGuy/Zhihu_SimpleLog
github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
github.com/VideoCardGuy/Tetris
github.com/VideoCardGuy/YuGiOh
github.com/VideoCardGuy/SnakeAI
github.com/VideoCardGuy/gitAsktao
github.com/VideoCardGuy/War3Cheat
github.com/VideoCardGuy/AStar_Study
github.com/VideoCardGuy/BnsChina_SetSpeed
github.com/VideoCardGuy/LOLProjects
github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
github.com/VideoCardGuy/PictureMatchGame
github.com/VideoCardGuy/AutoLoginByBnsChina
github.com/VideoCardGuy/MemoryWatchTool
github.com/VideoCardGuy/LOL_China
github.com/mlghuskie/NoBastian
github.com/G-E-N-E-S-I-S/BattlegroundsChams
github.com/luciouskami/XignCode3Bypass
github.com/luciouskami/CS-GO-Simple-Hack
github.com/luciouskami/load-self-mix
github.com/Karaulov/WarcraftIII_DLL_126-127
github.com/TonyZesto/PubgPrivXcode85
github.com/luciouskami/gameguard-for-war3
github.com/PopcornEgg/LOLChangeSkin
github.com/ValveSoftware/ToGL
github.com/Karaulov/War3-SizeLimit-Bypass
github.com/F7eak/Xenon
github.com/syj2010syj/All-Star-Battle-2

anti cheat

github.com/zyhp/vac3_inhibitor
github.com/thesecretclub/CVEAC-2020
github.com/huoji120/CSGO_CrowAntiCheat
github.com/niemand-sec/Reversing-XignCode3-Driver
github.com/niemand-sec/AntiCheat-Testing-Framework
github.com/GravitLauncher/Avanguard
github.com/Mouka-Yang/AntiCheatProtector
github.com/mq1n/NoMercy
github.com/SagaanTheEpic/Sagaan-AntiCheat-V2.0
github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-Module-
github.com/SagaanTheEpic/SAC-Anti-Debug
github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-ModuleThread
github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-OverlayDetector-
github.com/SagaanTheEpic/Mega-Bypasss
github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-UserMode-
github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-Driver-
github.com/SagaanTheEpic/SagaanTheEpic-Millin-Hack-SMH-Kernel
github.com/SagaanTheEpic/LSASS-Usermode-Bypass
github.com/SagaanTheEpic/KernelMode-Bypass
github.com/chinatiny/GameAntiCheat
github.com/jnastarot/anti-cheat
github.com/jnastarot/ice9

software reverse

github.com/stonedreamforest/re_avkmgr
github.com/stonedreamforest/re_sysdiag

pe protector

github.com/TimelifeCzy/Shell_Protect (vm)
github.com/93aef0ce4dd141ece6f5/Packer
github.com/devilogic/xvirus
github.com/nickcano/RelocBonus
github.com/jnastarot/furikuri

unpacker

github.com/Phat3/PINdemonium (pin)
github.com/BromiumLabs/PackerAttacker
n10info.blogspot.com/2018/03/xvolkolak-010.html

emulate code execution

github.com/sycurelab
github.com/hzqst/unicorn_pe
github.com/inaz2/Unico
github.com/Coldzer0/Cmulator

pin

github.com/thalium/icebox
github.com/season-lab/bluepill/
github.com/long123king/PE-Replay
github.com/Fare9/ANBU
github.com/BreakingMalware/Selfie
github.com/BreakingMalware/AVulnerabilityChecker
github.com/hasherezade/MyPinTools
github.com/hasherezade/tiny_tracer
github.com/dyninst/dyninst

symbolic execution

github.com/cea-sec/miasm
github.com/illera88/Ponce
github.com/gaasedelen/lighthouse

obfuscation

github.com/DoctorLai/VBScript_Obfuscator

deobfuscation

github.com/nblog/Vm2Import
github.com/zodiacddos/BattleEye-EasyAntiCheat-Bypasses
github.com/amimo/ollvm-breaker
github.com/JonathanSalwan/Tigress_protection
github.com/1111joe1111/tuts (vmprotect 3+)
github.com/F8LEFT/DecLLVM
github.com/mmyydd/relative-pattern
github.com/SCUBSRGroup/OLLVM_Deobfuscation

taint analyse

github.com/cea-sec/miasm (blackhat 2018)
bbs.pediy.com/thread-230299.htm
bbs.pediy.com/thread-230105.htm
bbs.pediy.com/thread-226603.htm
bbs.pediy.com/thread-224353.htm
bbs.pediy.com/thread-223849.htm
github.com/airbus-seclab/bincat
github.com/SCUBSRGroup/Taint-Analyse
github.com/airbus-seclab/bincat
github.com/SCUBSRGroup/Taint-Analyse
github.com/piscou/FuzzWin

bin diff

github.com/joxeankoret/pigaios
www.zynamics.com/bindiff.html
github.com/joxeankoret/diaphora
github.com/ExpLife/binarydiffer
github.com/ExpLife/patchdiff2_ida6
github.com/ExpLife/patchdiff2

debugger

github.com/marakew/syser

x64dbg plugin

github.com/horsicq
github.com/Ahmadmansoor/AdvancedScript
github.com/changeofpace/Force-Page-Protection
github.com/secrary/idenLib
github.com/Gbps/x64dbg-consonance-theme
github.com/ThunderCls/xAnalyzer
github.com/mrexodia/TitanHide
github.com/x64dbg/InterObfu
github.com/x64dbg/ScyllaHide
github.com/Nukem9/SwissArmyKnife
github.com/x64dbg/x64dbg/wiki/Plugins

live kernel debug

samsclass.info/126/proj/p12-kernel-debug-win10.htm?tdsourcetag=s_pctim_aiomsg
gds89.wordpress.com/2010/05/19/windows-7-x64-local-and-live-kernel-debugging/

windbg plugin

github.com/0cch/luadbg (lua ext)
github.com/repnz/windbg-cheat-sheet
github.com/long123king/tokenext
github.com/long123king/grep (regular expression)
github.com/fdiskyou/iris
github.com/pstolarz/dumpext (pe unpack)
www.andreybazhan.com/debugging.html
github.com/vallejocc/Reverse-Engineering-Arsenal/ (anti-anti_debugging winDbg scripts)
github.com/vagnerpilar/windbgtree (nice plugin)
github.com/hugsy/windbg_js_scripts (js)
github.com/0vercl0k/windbg-scripts (js)
github.com/REhints/WinDbg
github.com/jthuraisamy/DIRT
github.com/OSRDrivers/penter
github.com/OSRDrivers/windbg-exts
github.com/panoramixor/GDIObjDump
codeday.me/bug/20171003/80216.html
virtualkd.sysprogs.org/
github.com/VincentSe/WatchTrees

virtualkd

github.com/4d61726b/VirtualKD-Redux

ida plugin

github.com/fireeye/FIDL
github.com/mefistotelis/ida-pro-loadmap
github.com/ampotos/dynStruct
github.com/patois/HRDevHelper
github.com/0xeb/ida-qscripts (easy developing script)
github.com/google/binexport
github.com/nihilus/ida-pro-swf
github.com/ax330d/hrdev
github.com/ax330d/ida_pdb_loader
github.com/ax330d/functions-plus
github.com/ecx86/classinformer-ida7
github.com/IOActive/kmdf_re
github.com/a1ext/labeless
github.com/kkHAIKE/tinyidb
github.com/RolfRolles/HexRaysDeob (deobfuscate)
github.com/icewall/BinDiffFilter
github.com/devttys0/ida/
github.com/dude719/SigMaker-x64 (pat2sig)
github.com/fireeye/flare-ida (idb2pat)
zznop.github.io/bnida/
github.com/zyantific/IDASkins
github.com/eugeii/ida-consonance
github.com/mwrlabs/win_driver_plugin
github.com/igogo-x86/HexRaysPyTools
github.com/techbliss/Python_editor
github.com/tmr232/Sark
sark.readthedocs.io/en/latest/debugging.html
bbs.pediy.com/thread-224627.htm (wing debugging idapython script)

ida sig maker

github.com/wanttobeno/IDASignMaker
blog.csdn.net/lixiangminghate/article/details/81352205

idapython

github.com/Chordp/PatternGen (Pattern)
github.com/inforion/idapython-cheatsheet
github.com/thalium/idatag
github.com/sophoslabs/WebAssembly
github.com/howmp/COMFinder
github.com/maddiestone/IDAPythonEmbeddedToolkit
github.com/zyantific/IDASkins
github.com/ynvb/DIE
github.com/nologic/idaref
github.com/anatolikalysch/VMAttack
github.com/36hours/idaemu
github.com/gaasedelen/lighthouse
github.com/avast-tl/retdec-idaplugin
github.com/1111joe1111/ida_ea
github.com/eugeii/ida-consonance
github.com/IDArlingTeam/IDArling
github.com/aaronportnoy/toolbag
github.com/L4ys/LazyIDA
github.com/push0ebp/sig-database
github.com/igogo-x86/HexRaysPyTools
github.com/intezer/docker-ida
github.com/keystone-engine/keypatch
github.com/dzzie/IDACompare
github.com/snare/ida-efiutils
github.com/zachriggle/ida-splode
github.com/nccgroup/idahunt
github.com/iphelix/ida-sploiter
github.com/ALSchwalm/dwarfexport
github.com/Maktm/FLIRTDB
github.com/strazzere/golang_loader_assist
github.com/Ga-ryo/IDAFuzzy
github.com/duo-labs/idapython
github.com/polymorf/findcrypt-yara
github.com/patois/IDACyber
github.com/F8LEFT/DecLLVM
github.com/RobinDavid/idasec
github.com/tboox/vm86
github.com/siberas/IDA2Sym
github.com/sibears/IDAGolangHelper
github.com/tmr232/IDABuddy
github.com/zyantific/REtypedef
github.com/nihilus/IDA_Signsrch
github.com/ax330d/ida_pdb_loader
github.com/alexander-hanel/idapython6to7
github.com/nektra/vtbl-ida-pro-plugin
github.com/wirepair/IDAPinLogger
github.com/BinaryAnalysisPlatform/bap-ida-python
github.com/alexander-pick/patchdiff2_ida6
github.com/ecx86/classinformer-ida7
github.com/nccgroup/SusanRTTI
github.com/gaasedelen/prefix
github.com/andreafioraldi/IDAngr
github.com/Cr4sh/IDA-VMware-GDB
github.com/Comsecuris/ida_strcluster
github.com/airbus-seclab/bincat
github.com/a1ext/auto_re
github.com/gynophage/solarized_ida
github.com/luorui110120/IDAplugins
github.com/0xItx/ida_nightfall
github.com/xorpd/idsearch
github.com/nihilus/IDASimulator
github.com/dude719/SigMaker-x64
github.com/fireeye/SimplifyGraph
github.com/google/binexport
github.com/deresz/funcap
github.com/IOActive/kmdf_re
www.h4ck.org.cn/2011/07/ida-pe6-dll-unpack/
www.anquanke.com/post/id/151898
www.anquanke.com/post/id/85890
www.cnblogs.com/17bdw/p/7785469.html
4hou.win/wordpress/?cat=1178 (pin & ida)
wizardforcel.gitbooks.io/grey-hat-python/
spd.dropsec.xyz/2016/10/05/IDAPython%E5%AE%89%E8%A3%85/
spd.dropsec.xyz/2017/04/09/%E7%AC%A6%E5%8F%B7%E6%89%A7%E8%A1%8C-%E5%9F%BA%E4%BA%8Epython%E7%9A%84%E4%BA%8C%E8%BF%9B%E5%88%B6%E5%88%86%E6%9E%90%E6%A1%86%E6%9E%B6angr/
spd.dropsec.xyz/2016/10/16/IDAPython%E8%84%9A%E6%9C%AC%E4%B9%8B%E6%94%B6%E9%9B%86%E5%87%BD%E6%95%B0%E7%9A%84%E8%B0%83%E7%94%A8%E4%BF%A1%E6%81%AF/
www.freebuf.com/sectool/92107.html
www.freebuf.com/sectool/92168.html
www.freebuf.com/articles/system/92488.html
www.freebuf.com/articles/system/92505.html
www.freebuf.com/articles/system/93440.html
www.fortinet.com/blog/threat-research/rewriting-idapython-script-objc2-xrefs-helper-py-for-hopper.html
sark.readthedocs.io/en/latest/debugging.html
cartermgj.github.io/2017/10/10/ida-python/
security.tencent.com/index.php/blog/msg/4
wingware.com/doc/howtos/idapython
www.somersetrecon.com/blog/2018/7/6/introduction-to-idapython-for-vulnerability-hunting
0xeb.net/2018/02/writing-a-simple-x86-emulator-with-idapython/
0xeb.net/2018/02/writing-a-simple-x86-emulator-with-idapython/
resources.infosecinstitute.com/saving-time-effort-idapython/#gref
www.thezdi.com/blog/2018/5/21/mindshare-walking-the-windows-kernel-with-ida-python
www.thezdi.com/blog/2018/7/19/mindshare-an-introduction-to-pykd
www.thezdi.com/blog/2018/6/26/mindshare-variant-hunting-with-ida-python
www.mopsled.com/2016/add-shortcut-for-idapython-script-ida-pro/
blog.sina.com.cn/s/blog_9f5e368a0102wnmm.html
www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/
www.pydoc.io/pypi/python-idb-0.4.0/autoapi/analysis/index.html
securityxploded.com/api-call-tracing-with-pefile-pydbg-and-idapython.php
www.cnblogs.com/0xJDchen/p/7527236.html
www.williballenthin.com/blog/2015/09/04/idapython-synchronization-decorator/
www.fireeye.com/blog/threat-research/2015/01/flare_ida_pro_script.html
bbs.pediy.com/thread-226983.htm
www.trustwave.com/Resources/SpiderLabs-Blog/Defeating-Flame-String-Obfuscation-with-IDAPython/
www.anquanke.com/post/id/151898
edoc.site/idapython-bookpdf-pdf-free.html
serializethoughts.com/tag/idapython/
exploiting.wordpress.com/2011/12/06/quickpost-idapython-script-to-identify-unrecognized-functions/
barbie.uta.edu/~xlren/Diaphora/diaphora_help.pdf
www.jianshu.com/p/ee789e8acb03
blog.51cto.com/watertoeast/2084700
blog.51cto.com/watertoeast/1352787
blog.clamav.net/2014/02/generating-clamav-signatures-with.html
www.mnin.org/write/2006_extract_xor.pdf
www.hexacorn.com/blog/2015/12/21/idapython-making-strings-decompiler-friendly/
standa-note.blogspot.com/2015/01/arm-exception-handling-and-idapython.html
codegist.net/code/idapython-script/
reverseengineering.stackexchange.com/questions/16055/idapython-get-xrefs-to-a-stack-variable

pykd

github.com/sogeti-esec-lab/LKD
www.anquanke.com/post/id/86909
www.anquanke.com/post/id/86896
www.anquanke.com/post/id/83205
blog.csdn.net/jimoguilai/article/details/25286029
blog.csdn.net/jimoguilai/article/details/29827283
blog.csdn.net/jimoguilai/article/details/38122863
blog.csdn.net/linux_vae/article/details/77532758
blog.csdn.net/linux_vae/article/details/77532758
blog.csdn.net/ambihan/article/details/35775933
www.zerodayinitiative.com/blog/2018/7/19/mindshare-an-introduction-to-pykd
www.cnblogs.com/fanzi2009/archive/2012/12/10/2811543.html
cloud.tencent.com/developer/article/1005628
eternalsakura13.com/2018/07/03/firefox_env/
binvoke.com/inline-assembly-in-x64/
webstersprodigy.net/2014/01/06/soft-function-hooking-with-windbg-and-pykd/
rayanfam.com/topics/pykd-tutorial-part1/
rayanfam.com/topics/pykd-tutorial-part2/
labs.mwrinfosecurity.com/blog/heap-tracing-with-windbg-and-python/
www.miguelventura.pt/scripting-windbg-with-pykd.html
labs.nettitude.com/blog/windbg-using-pykd-to-dump-private-symbols/
webstersprodigy.net/2014/01/06/soft-function-hooking-with-windbg-and-pykd/
www.cnblogs.com/fanzi2009/archive/2012/12/10/2811543.html
www.freebuf.com/articles/system/103816.html
bbs.pediy.com/thread-224904.htm
theevilbit.blogspot.com/2017/09/pool-spraying-fun-part-1.html
theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-2.html
theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-3.html
theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-4.html
githomelab.ru/pykd/pykd/-/issues/3

rpc

github.com/gentilkiwi/basic_rpc

hash dump

github.com/AlessandroZ/LaZagneForensic
github.com/AlessandroZ/LaZagne (browser credentials recovery)
github.com/gentilkiwi/mimikatz

auxiliary lib

github.com/David-Reguera-Garcia-Dreg/auxlib

ring3 nt api

github.com/adrianyy/x64-syscall
github.com/icestudent/ontl
www.vergiliusproject.com/kernels
github.com/DissectMalware/WinNativeIO
github.com/zodiacon/WindowsInternals/tree/master/MemLimit/ndk
github.com/codereversing/wow64syscall
github.com/processhacker/phnt
github.com/ntdiff/ntdiff
ntdiff.github.io
github.com/ntdiff/headers
github.com/Chuyu-Team/NativeLib

winpcap

libtins.github.io/tutorial/
github.com/abapat/DNSPoison
www.ferrisxu.com/WinPcap/html/index.html
github.com/wqqhit/DNSHijack
github.com/klemenb/fiddly
blog.csdn.net/Ni9htMar3/article/details/54612394
www.cnblogs.com/xcj26/articles/6073411.html
www.freebuf.com/articles/system/103526.html
github.com/illahaha/zxarps (arpcheat)
github.com/sincoder/zxarps (arpcheat)

metasploit

github.com/entynetproject/entypreter
github.com/dr0op/MsfRpcApi
github.com/phackt/stager.dll
github.com/ExpLife/metasploit-framework
github.com/NytroRST/NetRipper
github.com/breenmachine/RottenPotatoNG

shellcode generator

github.com/DownWithUp/DynamicKernelShellcode
github.com/TheWover/donut

shellcode encoder

github.com/ecx86/shellcode_encoder

shadow

github.com/lcxl/lcxl-shadow

network lib

github.com/zhllxt/asio2

http

github.com/elnormous/HTTPRequest
github.com/vlinhd11/WinHttpClass
github.com/hpsocket/restclient-cpp
github.com/farawaaay/http2 (http/2)
github.com/OlehKulykov/libnhr
github.com/erickutcher/httpdownloader

https proxy

github.com/justcoding121/Titanium-Web-Proxy
anyproxy.io/cn/
github.com/killbug2004/HttpsProxy
github.com/erickutcher/httpproxy

sock proxy

github.com/liulilittle/PaperAirplane

reverse proxy

github.com/fatedier/frp/

mitm

github.com/zliu-fd/WinDivertProxy
github.com/sipt/shuttle (GO)
github.com/conorpp/MiTM-HTTP-Proxy
github.com/moxie0/sslsniff
github.com/wuchangming/node-mitmproxy
github.com/hostilefork/flatworm
github.com/progtramder/webproxy
github.com/empijei/wapty
github.com/xxxxnnxxxx/HttpProxy
github.com/astibal/smithproxy
github.com/TechnikEmpire/CitadelCore
github.com/TechnikEmpire/HttpFilteringEngine
blog.csdn.net/kunyus/article/details/78679717
github.com/liuyufei/SSLKiller
blog.csdn.net/Tencent_Bugly/article/details/72626127
github.com/pfussell/pivotal

ssl

github.com/edwig/SSLSocket

json

github.com/ez8-co/xpjson
github.com/marcusbotacin/MyJSON

serialization

github.com/ez8-co/es11n

awesome

github.com/FULLSHADE/WindowsExploitationResources
github.com/Wenzel/awesome-virtualization
github.com/alphaSeclab/anti-av
github.com/kevingo/coding-interview-university-zh-tw/blob/master/translations/README-cn.md
websec.readthedocs.io/zh/latest/ (web sec)
ctf-wiki.github.io/ctf-wiki/pwn/readme-zh/
chybeta.github.io/2017/08/19/Software-Security-Learning/
github.com/alphaSeclab/awesome-reverse-engineering
github.com/enovella/TEE-reversing
github.com/1c7/chinese-independent-developer
github.com/theLSA/CS-checklist
github.com/wcventure/FuzzingPaper
github.com/wcventure/BugDetectionPaper
github.com/xrkk/awesome-ida
github.com/SecWiki/sec-chart
github.com/skywind3000/awesome-cheatsheets (cheatsheets)
github.com/toutiaoio/awesome-architecture
github.com/streetleague/0xbird.github.io
github.com/BlackINT3/awesome-debugging
github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References
github.com/jobbole/awesome-design-cn
github.com/xuanhun/HackingResource
github.com/yeyintminthuhtut/Awesome-Windows-Exploitation-Study-References
github.com/anhkgg/awesome-windbg-extensions
github.com/wcventure/FuzzingPaper
github.com/fr0gger/awesome-ida-x64-olly-plugin
github.com/Ridter/Intranet_Penetration_Tips
github.com/danielmiessler/SecLists
github.com/yeyintminthuhtut/Awesome-Red-Teaming
github.com/REMath/literature_review
github.com/phith0n/Mind-Map
github.com/CHYbeta/Software-Security-Learning
github.com/0x4D31/awesome-threat-detection
github.com/Escapingbug/awesome-browser-exploit
github.com/CaledoniaProject/awesome-opensource-security
github.com/rshipp/awesome-malware-analysis
github.com/lmy375/awesome-vmp
github.com/ksluckow/awesome-symbolic-execution
github.com/szysec/ctftest
stackoverflow.com/questions/4946685/good-tutorial-for-windbg
github.com/rmusser01/Infosec_Reference
github.com/sam-b/windows_kernel_resources
github.com/EbookFoundation/free-programming-books
github.com/justjavac/free-programming-books-zh_CN
github.com/rmusser01/Infosec_Reference/
github.com/jshaw87/Cheatsheets
github.com/RPISEC/MBE

windows Driver Kit ddi (device driver interface) documentation

docs.microsoft.com/zh-cn/windows-hardware/drivers/install/
docs.microsoft.com/zh-cn/windows-hardware/drivers/kernel/
docs.microsoft.com/zh-cn/windows-hardware/drivers/network/
docs.microsoft.com/zh-cn/windows-hardware/drivers/ddi/
docs.microsoft.com/zh-cn/windows-hardware/drivers/driversecurity
docs.microsoft.com/zh-cn/windows-hardware/drivers/wdf/
docs.microsoft.com/zh-cn/windows-hardware/drivers/samples/
docs.microsoft.com/zh-cn/windows-hardware/drivers/debugger/
docs.microsoft.com/zh-cn/previous-versions/windows/embedded/gg157655(v=winembedded.80)
docs.microsoft.com/zh-cn/windows-hardware/drivers/debugger/time-travel-debugging-overview
docs.microsoft.com/zh-cn/previous-versions/visualstudio/visual-studio-2010/aa983363(v=vs.100) (vmx)

windbg preview

github.com/benoitsevens/applying-ttd-to-malware-analysis
github.com/Microsoft/WinDbg-Samples ![Github forks](https://shields.io/github/forks/Microsoft/WinDbg-Samples?st

文章链接

https://developer.chat/awesome-windows-kernel-security-development

登录发表评论

标签

↑