y11en's Projects
A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
sample driver for hooking srv!SrvTransactionNotImplemented in srv!SrvTransaction2DispatchTable (DoublePulsar PoC) (x64)
A framework that creates an advanced, stealthy dropper that bypasses most AVs and has a lot of tricks
Infect Shared Files In Memory for Lateral Movement
Simple 32/64-bit PE loader.
Evasive shellcode loader for bypassing event-based injection detection (PoC)
Research on and removal of various kernel callbacks, going ever further down the anti-anti-cheat road
DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
Use driver global memory to load a DLL
InjectDll
Monitor activity of any driver
409 version driver
Dr.Semu - Malware Detection and Classification Tool Based on Dynamic Behavior
Simple driver loader for Windows
Windows x64 Driver Signature Enforcement Overrider
Detects the vast majority of so-called AV-evading in-memory trojans
Top level overlay drawing for game cheating using dwm.exe
Injects shellcode into dwm.exe to perform screen capture
Complete DX11 Internal Hook w/ Dear ImGui
Simple screen recording: captures the screen with DX9 and encodes it with ffmpeg H.264
Windows Kernel Driver with C++ runtime
An example of how x64 kernel shellcode can dynamically find and use APIs
Kernel-mode hardware information spoofing tool
Easy Anti PatchGuard
EasyHook - The reinvention of Windows API Hooking