https://github.com/howknows/awesome-windows-security-development

awesome-windows-security-development
https://github.com/howknows/awesome-windows-security-development

List: awesome-windows-security-development

Last synced: about 2 months ago
JSON representation

awesome-windows-security-development

• Host: GitHub
• URL: https://github.com/howknows/awesome-windows-security-development
• Owner: howknows
• License: mit
• Created: 2018-03-15T09:06:04.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2018-03-15T07:10:19.000Z (over 6 years ago)
• Last Synced: 2024-05-22T04:10:40.491Z (4 months ago)
• Homepage:
• Size: 145 KB
• Stars: 168
• Watchers: 10
• Forks: 99
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-cybersecurity - awesome-windows-security-development - Awesome-windows-security-development. (System)

README

        


	

	


	




# awesome-windows-security-development

## Forked from ExpLife/awesome-windows-kernel-security-development.but...He deleted

## windows kernel driver with c++ runtime

- https://github.com/ExpLife/DriverSTL

- https://github.com/sysprogs/BazisLib

- https://github.com/AmrThabet/winSRDF

- https://github.com/sidyhe/dxx

- https://github.com/zer0mem/libc

- https://github.com/eladraz/XDK

- https://github.com/vic4key/Cat-Driver

- https://github.com/AndrewGaspar/km-stl

- https://github.com/zer0mem/KernelProject

- https://github.com/zer0mem/miniCommon

- https://github.com/jackqk/mystudy

- https://github.com/yogendersolanki91/Kernel-Driver-Example

## dkom

- https://github.com/nbqofficial/HideDriver

- https://github.com/ZhuHuiBeiShaDiao/NewHideDriverEx

- https://github.com/landhb/HideProcess

- https://github.com/tfairane/DKOM

- https://github.com/Sqdwr/HideDriver

## ssdt hook

- https://github.com/int0/ProcessIsolator

- https://github.com/mrexodia/TitanHide (x64dbg Plugin)-(DragonQuestHero Suggest)

- https://github.com/papadp/shd

- https://github.com/bronzeMe/SSDT_Hook_x64

- https://github.com/s18leoare/Hackshield-Driver-Bypass

- https://github.com/sincoder/hidedir

- https://github.com/wyrover/HKkernelDbg

- https://github.com/CherryZY/Process_Protect_Module

- https://github.com/weixu8/RegistryMonitor

- https://github.com/nmgwddj/Learn-Windows-Drivers

    

## eat/iat/object/irp/iat hook

- https://github.com/xiaomagexiao/GameDll

- https://github.com/HollyDi/Ring0Hook

- https://github.com/mgeeky/prc_xchk

- https://github.com/tinysec/iathook

- https://github.com/stevemk14ebr/PolyHook

## inline hook

- https://github.com/VideoCardGuy/HideProcessInTaskmgr

- https://github.com/MalwareTech/FstHook

- https://github.com/Menooker/FishHook

- https://github.com/G-E-N-E-S-I-S/latebros

- https://bbs.pediy.com/thread-214582.htm

## inject technique

- https://github.com/VideoCardGuy/X64Injector

- https://github.com/papadp/reflective-injection-detection (InjectFromMemory)

- https://github.com/psmitty7373/eif (InjectFromMemory)

- https://github.com/rokups/ReflectiveLdr (InjectFromMemory)

- https://github.com/BenjaminSoelberg/ReflectivePELoader (InjectFromMemory) 

- https://github.com/NtRaiseHardError/Phage (InjectFromMemory)

- https://github.com/dismantl/ImprovedReflectiveDLLInjection (InjectFromMemory)

- https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher (InjectFromMemory)

- https://github.com/amishsecurity/paythepony (InjectFromMemory)

- https://github.com/deroko/activationcontexthook

- https://github.com/georgenicolaou/HeavenInjector

- https://github.com/tinysec/runwithdll

- https://github.com/NtOpcode/NT-APC-Injector

- https://github.com/caidongyun/WinCodeInjection

- https://github.com/countercept/doublepulsar-usermode-injector

- https://github.com/mq1n/DLLThreadInjectionDetector

- https://github.com/hkhk366/Memory_Codes_Injection

- https://github.com/chango77747/ShellCodeInjector_MsBuild

- https://github.com/Zer0Mem0ry/ManualMap

- https://github.com/secrary/InfectPE

- https://github.com/zodiacon/DllInjectionWithThreadContext

- https://github.com/NtOpcode/RtlCreateUserThread-DLL-Injection

- https://github.com/hasherezade/chimera_loader

- https://github.com/Ciantic/RemoteThreader

- https://github.com/OlSut/Kinject-x64

- https://github.com/tandasat/RemoteWriteMonitor

- https://github.com/stormshield/Beholder-Win32

- https://github.com/secrary/InjectProc

- https://github.com/AzureGreen/InjectCollection

- https://github.com/uItra/Injectora

- https://github.com/rootm0s/Injectors

- https://github.com/Spajed/processrefund

- https://github.com/al-homedawy/InjecTOR

- https://github.com/OlSut/Kinject-x64

- https://github.com/stormshield/Beholder-Win32

- https://github.com/yifiHeaven/MagicWall

## load Dll from memory

- https://github.com/fancycode/MemoryModule

- https://github.com/strivexjun/MemoryModulePP

## process hollowing

- https://github.com/Spajed/processrefund

- https://github.com/KernelMode/Process_Doppelganging

- https://github.com/hasherezade/process_doppelganging

- https://github.com/m0n0ph1/Process-Hollowing

- https://github.com/KernelMode/RunPE-ProcessHollowing

- https://github.com/KernelMode/RunPE_Detecter

## pe loader

- https://github.com/VideoCardGuy/PELoader

## dll to shellcode

- https://github.com/w1nds/dll2shellcode

## hide & delete dll

- https://github.com/wyyqyl/HideModule

## load driver from memory

- https://github.com/Professor-plum/Reflective-Driver-Loader

## hook engine

- https://github.com/Ilyatk/HookEngine

- https://github.com/zyantific/zyan-hook-engine

- https://github.com/martona/mhook

- https://github.com/EasyHook/EasyHook

- https://github.com/RelicOfTesla/Detours

## callback

- https://github.com/JKornev/hidden

- https://github.com/binbibi/CallbackEx

- https://github.com/swwwolf/cbtest

- https://github.com/nmgwddj/Learn-Windows-Drivers

- https://github.com/SamLarenN/CallbackDisabler

## minifilter

- https://github.com/aleksk/LazyCopy

- https://github.com/guidoreina/minivers

- https://github.com/idkwim/mfd

- https://github.com/Coxious/Antinvader

- https://github.com/tandasat/Scavenger

- https://github.com/fishfly/X70FSD

- https://github.com/aleksk/LazyCopy

- https://github.com/ExpLife/BKAV.Filter

## virtual disk

- https://github.com/zhaozhongshu/winvblock_vs

- https://github.com/yogendersolanki91/Kernel-Driver-Example

## virtual file system

- https://github.com/ExpLife/CodeUMVFS

- https://github.com/yogendersolanki91/ProcessFileSystem

- https://github.com/BenjaminKim/dokanx

## lpc

- https://github.com/avalon1610/LPC

## alpc

- https://github.com/avalon1610/ALPC

## lsp

- https://github.com/AnwarMohamed/Packetyzer

## afd

 

- https://github.com/xiaomagexiao/GameDll 

- https://github.com/DeDf/afd

- https://github.com/a252293079/NProxy

## tdi

- https://github.com/Sha0/winvblock

- https://github.com/michael4338/TDI

- https://github.com/cullengao/tdi_monitor

- https://github.com/uniking/TDI-Demo

- https://github.com/codereba/netmon

## wfp

- https://github.com/basil00/Divert

- https://github.com/WPO-Foundation/win-shaper

- https://github.com/raymon-tian/WFPFirewall

- https://github.com/henrypp/simplewall

- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp

- https://github.com/thecybermind/ipredir

- https://github.com/RmzVoid/RMZSol

- https://github.com/BrunoMCBraga/Kernel-Whisperer

- https://github.com/KBancerz/kkvpn_driver

- https://github.com/JaredWright/WFPStarterKit

## ndis

- https://github.com/zy520321/ndis-filter

- https://github.com/yuanmaomao/NDIS_Firewall

- https://github.com/SoftEtherVPN/Win10Pcap

- https://github.com/IsoGrid/NdisProtocol

- https://github.com/lcxl/lcxl-net-loader

- https://www.ntkernel.com/windows-packet-filter/

- https://github.com/michael4338/NDIS

- https://github.com/IAmAnubhavSaini/ndislwf

- https://github.com/OpenVPN/tap-windows6

- https://github.com/SageAxcess/pcap-ndis6

- https://github.com/uniking/NDIS-Demo

- https://github.com/mkdym/NDISDriverInst

- https://github.com/debugfan/packetprot

- https://github.com/Iamgublin/NDIS6.30-NetMonitor

- https://github.com/nmap/npcap

- https://github.com/Ltangjian/FireWall

- https://github.com/Microsoft/Windows-driver-samples/tree/master/network/config/bindview

- https://github.com/brorica/http_inject (winpcap)

## wsk

- https://github.com/reinhardvz/wsk

- https://github.com/akayn/kbMon

- https://github.com/02strich/audionet

- https://github.com/mestefy/securityplus

- https://github.com/skycipher/CNGProvider

## rootkits

- https://github.com/HoShiMin/EnjoyTheRing0

- https://github.com/hfiref0x/ZeroAccess

- https://github.com/hackedteam/driver-win32

- https://github.com/hackedteam/driver-win64

- https://github.com/csurage/Rootkit

- https://github.com/bowlofstew/rootkit.com

- https://github.com/Nervous/GreenKit-Rootkit

- https://github.com/bytecode-77/r77-rootkit

- https://github.com/Cr4sh/WindowsRegistryRootkit

- https://github.com/Alifcccccc/Windows-Rootkits

- https://github.com/Schnocker/NoEye

- https://github.com/christian-roggia/open-myrtus

- https://github.com/Cr4sh/DrvHide-PoC

- https://github.com/mstefanowich/SquiddlyDiddly2

- https://github.com/MalwareTech/FakeMBR

- https://github.com/Cr4sh/PTBypass-PoC

- https://github.com/psaneme/Kung-Fu-Malware

- https://github.com/hasherezade/persistence_demos

- https://github.com/MinhasKamal/TrojanCockroach

- https://github.com/akayn/kbMon

- https://github.com/hm200958/kmdf--analyse

## mbr

- https://github.com/Cisco-Talos/MBRFilter

## bootkits

- https://github.com/DeviceObject/rk2017

- https://github.com/DeviceObject/ChangeDiskSector

- https://github.com/DeviceObject/Uefi_HelloWorld

- https://github.com/DeviceObject/ShitDrv

- https://github.com/DeviceObject/DarkCloud

- https://github.com/nyx0/Rovnix

- https://github.com/MalwareTech/TinyXPB

- https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit

- https://github.com/NextSecurity/Gozi-MBR-rootkit

- https://github.com/NextSecurity/vector-edk

- https://github.com/ahixon/booty

## uefi/smm

- https://github.com/DeviceObject/Uefi_HelloWorld

- https://github.com/LongSoft/UEFITool

- https://github.com/dude719/UEFI-Bootkit

- https://github.com/quarkslab/dreamboot

- https://github.com/gyje/BIOS_Rootkit

- https://github.com/scumjr/the-sea-watcher

- https://github.com/zhuyue1314/stoned-UEFI-bootkit

- https://github.com/hackedteam/vector-edk

- https://github.com/Cr4sh/SmmBackdoor

- https://github.com/Cr4sh/PeiBackdoor

- https://github.com/Cr4sh/fwexpl

## smc

- https://github.com/marcusbotacin/Self-Modifying-Code

## anti debug

- https://github.com/strivexjun/XAntiDebug

- https://github.com/marcusbotacin/Anti.Analysis

- https://github.com/LordNoteworthy/al-khaser

- https://github.com/eschweiler/ProReversing

## malware

- https://github.com/mwsrc/XtremeRAT

- https://github.com/mwsrc/Schwarze-Sonne-RAT (delphi)

- https://github.com/Mr-Un1k0d3r/ThunderShell (powershell)

- https://github.com/DimChris0/LoRa

- https://github.com/marcusbotacin/Malware.Multicore

- https://github.com/bxlcity/malware

- https://github.com/grcasanova/SuperVirus

- https://github.com/hackedteam/core-win32

- https://github.com/hackedteam/scout-win

- https://github.com/hackedteam/vector-dropper

## malware analysis

- https://github.com/kevthehermit/RATDecoders

- https://github.com/marcusbotacin/Malware.Variants

- https://github.com/marcusbotacin/Hardware-Assisted-AV

- https://github.com/gentilkiwi/spectre_meltdown

- https://github.com/gentilkiwi/wanadecrypt

- https://github.com/bloomer1016

- https://github.com/CHEF-KOCH/malware-research

- https://github.com/gentilkiwi/wanakiwi

## arktools

- https://github.com/marcusbotacin/BranchMonitoringProject

- https://github.com/AzureGreen/ArkProtect

- https://github.com/AzureGreen/ArkToolDrv

- https://github.com/HollyDi/PCAssistant

- https://github.com/ChengChengCC/Ark-tools

- https://github.com/swatkat/arkitlib

- https://github.com/swwwolf/wdbgark

- https://github.com/zibility/Anti-Rootkits

- https://github.com/SLAUC91/AntiCheat

- https://github.com/sincoder/A-Protect

- https://github.com/apriorit/antirootkit-anti-splicer

- https://github.com/kedebug/ScDetective

- https://github.com/PKRoma/ProcessHacker

- https://github.com/AndreyBazhan/DbgExt

- https://github.com/comaeio/SwishDbgExt

- https://github.com/ExpLife/atomic-red-team

- https://github.com/shenghe/pcmanager

- https://github.com/lj1987new/guardlite

- https://github.com/hackshields/antivirus/

- https://github.com/AntiRootkit/BDArkit

## bypass patchguard

- https://github.com/hfiref0x/UPGDSED

- https://github.com/tandasat/PgResarch

- https://github.com/killvxk/DisableWin10PatchguardPoc

- https://github.com/tandasat/findpg

- https://github.com/zer0mem/HowToBoostPatchGuard

- https://bbs.pediy.com/thread-214582.htm

## bypass dse

- https://github.com/hfiref0x/TDL

- https://github.com/hfiref0x/DSEFix

## HackSysExtremeVulnerableDriver

- https://github.com/mgeeky/HEVD_Kernel_Exploit

- https://www.fuzzysecurity.com/tutorials.html

- https://rootkits.xyz/blog/

- https://github.com/hacksysteam/HackSysExtremeVulnerableDriver

- https://github.com/k0keoyo/HEVD-Double-Free-PoC

- https://github.com/k0keoyo/HEVD-Arbitrary-Overwrite-Exploit-Win10-rs3

- https://github.com/tekwizz123/HEVD-Exploit-Solutions

- https://github.com/k0keoyo/try_exploit

- https://github.com/Cn33liz/HSEVD-VariousExploits

- https://github.com/Cn33liz/HSEVD-StackOverflow

- https://github.com/Cn33liz/HSEVD-StackOverflowX64

- https://github.com/Cn33liz/HSEVD-StackCookieBypass

- https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteGDI

- https://github.com/Cn33liz/HSEVD-StackOverflowGDI

- https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL

- https://github.com/Cn33liz/HSEVD-ArbitraryOverwrite

- https://github.com/akayn/demos

## windows kernel exploits

- https://github.com/JeremyFetiveau/Exploits

- https://github.com/hfiref0x/Stryker

- https://github.com/swwwolf/obderef

- https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS

- https://github.com/cbayet/PoolSprayer

- https://github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC

- https://github.com/k0keoyo/Driver-Loaded-PoC

- https://github.com/k0keoyo/try_exploit

- https://github.com/k0keoyo/CVE-2015-2546-Exploit

- https://github.com/k0keoyo/Dark_Composition_case_study_Integer_Overflow

- https://github.com/tinysec/vulnerability

- https://github.com/akayn/demos

- https://github.com/abatchy17/WindowsExploits

- https://github.com/recodeking/WindowsExploitation

- https://github.com/GDSSecurity/Windows-Exploit-Suggester

- https://github.com/rwfpl/rewolf-pcausa-exploit

- https://github.com/ratty3697/HackSpy-Trojan-Exploit

- https://github.com/SecWiki/windows-kernel-exploits

- https://github.com/sensepost/ms16-098

- https://github.com/shjalayeri/sysret

- https://github.com/sam-b/windows_kernel_resources

- https://github.com/sensepost/gdi-palettes-exp

- https://github.com/ExpLife/ByPassCfg

- https://github.com/Rootkitsmm/WinIo-Vidix

- https://github.com/andrewkabai/vulnwindrv

- https://github.com/mwrlabs/CVE-2016-7255

- https://github.com/MarkHC/HandleMaster

- https://github.com/SamLarenN/CapcomDKOM

- https://github.com/zerosum0x0/puppetstrings

- https://github.com/zerosum0x0/ShellcodeDriver

- https://github.com/Rootkitsmm/WinIo-Vidix

- https://github.com/progmboy/kernel_vul_poc

- https://github.com/rwfpl/rewolf-msi-exploit

- https://github.com/rwfpl/rewolf-pcausa-exploit

- https://github.com/Rootkitsmm/Win10Pcap-Exploit

- https://github.com/Rootkitsmm/MS15-061

- https://github.com/Rootkitsmm/cve-2016-0040

- https://github.com/Rootkitsmm/CVEXX-XX

- https://github.com/sensepost/ms16-098

- https://github.com/Trietptm-on-Security/bug-free-adventure

- https://github.com/sam-b/CVE-2014-4113

- https://github.com/Rootkitsmm/OpenVpn-Pool-Overflow

- https://github.com/Rootkitsmm/UnThreatAVDriver-DOS

- https://github.com/Cr4sh/ThinkPwn

- https://github.com/hfiref0x/CVE-2015-1701

- https://github.com/tyranid/windows-logical-eop-workshop

- https://github.com/google/sandbox-attacksurface-analysis-tools

- https://github.com/tyranid/ExploitRemotingService

- https://github.com/tyranid/DeviceGuardBypasses

- https://github.com/tyranid/ExploitDotNetDCOM

- https://github.com/hatRiot/token-priv(EOP)

- https://github.com/weizn11/MS17010_AllInOne

- https://github.com/TeskeVirtualSystem/MS17010Test

## office exploit

- https://github.com/rxwx/CVE-2017-8570

## flash exploit

- https://github.com/brianwrf/CVE-2017-4878-Samples

## sandbox escape

- https://github.com/SilverMoonSecurity/SandboxEvasion

- https://github.com/exAphex/SandboxEscape

- https://github.com/Fel0ny/Sandbox-Detection

- https://github.com/CheckPointSW/InviZzzible

- https://github.com/MalwareTech/AppContainerSandbox

- https://github.com/tyranid/IE11SandboxEscapes

- https://github.com/649/Chrome-Sandbox-Exploit

- https://github.com/google/sandbox-attacksurface-analysis-tools

- https://github.com/conix-security/zer0m0n

- https://github.com/iceb0y/windows-container

- https://github.com/s7ephen/SandKit

- https://github.com/D4Vinci/Dr0p1t-Framework

- https://github.com/cryptolok/MorphAES

- https://github.com/mtalbi/vm_escape

- https://github.com/unamer/vmware_escape

- https://github.com/erezto/lua-sandbox-escape

- https://github.com/brownbelt/Edge-sandbox-escape

- https://github.com/shakenetwork/vmware_escape

- https://github.com/Cr4sh/prl_guest_to_host

## cve

- https://github.com/LiuCan01/cve-list-pro

- https://github.com/CVEProject/cvelist

## hips

- https://github.com/0xdabbad00/OpenHIPS

- https://github.com/ExpLife/Norton_AntiVirus_SourceCode

- https://github.com/majian55555/MJAntiVirusEngine

- https://github.com/develbranch/TinyAntivirus

- https://github.com/tandasat/EopMon

- https://github.com/tandasat/MemoryMon

## vt

- https://github.com/marche147/IoctlMon

- https://github.com/ionescu007/SimpleVisor

- https://github.com/zer0mem/MiniHyperVisorProject

- https://github.com/zer0mem/ShowMeYourGongFu

- https://github.com/zer0mem/HyperVisor

- https://github.com/marche147/SimpleVT

- https://github.com/DarthTon/HyperBone

- https://github.com/nick-kvmhv/splittlb

- https://github.com/zareprj/Vmx_Prj

- https://github.com/ZhuHuiBeiShaDiao/MiniVTx64

- https://github.com/tandasat/HyperPlatform

- https://github.com/hzqst/Syscall-Monitor

- https://github.com/asamy/ksm

- https://github.com/in12hacker/VT_64_EPT

- https://github.com/ZhuHuiBeiShaDiao/PFHook

- https://github.com/tandasat/FU_Hypervisor

- https://github.com/tandasat/DdiMon

- https://github.com/tandasat/GuardMon

- https://github.com/yqsy/VT_demo

- https://github.com/OkazakiNagisa/VTbasedDebuggerWin7

- https://github.com/Ouroboros/JuusanKoubou

- https://github.com/aaa1616/Hypervisor

- https://github.com/Nukem9/VirtualDbg

- https://github.com/Nukem9/VirtualDbgHide

- https://github.com/cheat-engine/cheat-engine

- https://github.com/Kelvinhack/kHypervisor

## fuzzer

- https://github.com/bee13oy/AV_Kernel_Vulns/tree/master/Zer0Con2017

- https://github.com/k0keoyo/kDriver-Fuzzer (Paper:https://whereisk0shl.top/post/2018-01-30)

- https://github.com/koutto/ioctlbf

- https://github.com/Cr4sh/ioctlfuzzer

- https://github.com/Cr4sh/MsFontsFuzz

- https://github.com/hfiref0x/NtCall64

- https://github.com/Rootkitsmm/Win32k-Fuzzer

- https://github.com/mwrlabs/KernelFuzzer

- https://github.com/SignalSEC/kirlangic-ttf-fuzzer

- https://github.com/demi6od/Smashing_The_Browser

- https://github.com/marche147/IoctlMon

- https://github.com/k0keoyo/Some-Kernel-Fuzzing-Paper

## emet

- https://github.com/codingtest/EMET

## hotpatch

- https://github.com/codingtest/windows_hotpatch

## game hack

- https://github.com/DreamHacks/dreamdota

- https://github.com/yoie/NGPlug-in

- https://github.com/DevelopKits/proj

- https://github.com/VideoCardGuy/ExpTool_GUI

- https://github.com/VideoCardGuy/Zhihu_SimpleLog

- https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64

- https://github.com/VideoCardGuy/Tetris

- https://github.com/VideoCardGuy/YuGiOh

- https://github.com/VideoCardGuy/SnakeAI

- https://github.com/VideoCardGuy/gitAsktao

- https://github.com/VideoCardGuy/War3Cheat

- https://github.com/VideoCardGuy/AStar_Study

- https://github.com/VideoCardGuy/BnsChina_SetSpeed

- https://github.com/VideoCardGuy/LOLProjects

- https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64

- https://github.com/VideoCardGuy/PictureMatchGame

- https://github.com/VideoCardGuy/AutoLoginByBnsChina

- https://github.com/VideoCardGuy/MemoryWatchTool

- https://github.com/VideoCardGuy/LOL_China

- https://github.com/mlghuskie/NoBastian

- https://github.com/G-E-N-E-S-I-S/BattlegroundsChams

- https://github.com/luciouskami/XignCode3Bypass

- https://github.com/luciouskami/CS-GO-Simple-Hack

- https://github.com/luciouskami/load-self-mix

- https://github.com/Karaulov/WarcraftIII_DLL_126-127

- https://github.com/TonyZesto/PubgPrivXcode85

- https://github.com/luciouskami/gameguard-for-war3

- https://github.com/PopcornEgg/LOLChangeSkin

- https://github.com/ValveSoftware/ToGL

- https://github.com/Karaulov/War3-SizeLimit-Bypass

- https://github.com/F7eak/Xenon

- https://github.com/syj2010syj/All-Star-Battle-2

## symbolic execution

- https://github.com/illera88/Ponce

- https://github.com/gaasedelen/lighthouse

## deobfuscation

- https://github.com/SCUBSRGroup/OLLVM_Deobfuscation

## taint analyse

- https://github.com/SCUBSRGroup/Taint-Analyse

## bin diff

- https://www.zynamics.com/bindiff.html

- https://github.com/joxeankoret/diaphora

- https://github.com/ExpLife/binarydiffer

- https://github.com/ExpLife/patchdiff2_ida6

- https://github.com/ExpLife/patchdiff2

## x64dbg plugin

- https://github.com/mrexodia/TitanHide

- https://github.com/x64dbg/InterObfu

- https://github.com/x64dbg/ScyllaHide

- https://github.com/Nukem9/SwissArmyKnife

- https://github.com/x64dbg/x64dbg/wiki/Plugins

## windbg plugin

- https://github.com/VincentSe/WatchTrees

## ida script & plugin

- https://github.com/mwrlabs/win_driver_plugin

- https://github.com/igogo-x86/HexRaysPyTools

- https://github.com/techbliss/Python_editor

- https://github.com/tmr232/Sark

- http://sark.readthedocs.io/en/latest/debugging.html

- https://bbs.pediy.com/thread-224627.htm (wing debugging idapython script)

## rpc

- https://github.com/gentilkiwi/basic_rpc

## hash dump

- https://github.com/gentilkiwi/mimikatz

##  auxiliary lib

- https://github.com/David-Reguera-Garcia-Dreg/auxlib

## ring3 nt api

- https://github.com/Chuyu-Team/NativeLib

## dll hijack

- https://github.com/strivexjun/AheadLib-x86-x64

## winpcap

- https://github.com/klemenb/fiddly

- http://blog.csdn.net/Ni9htMar3/article/details/54612394

- https://www.cnblogs.com/xcj26/articles/6073411.html

- http://www.freebuf.com/articles/system/103526.html

- https://github.com/illahaha/zxarps (arpcheat)

- https://github.com/sincoder/zxarps (arpcheat)

## metasploit

- https://github.com/NytroRST/NetRipper

- https://github.com/breenmachine/RottenPotatoNG

## shadow

- https://github.com/lcxl/lcxl-shadow

## http

- https://github.com/OlehKulykov/libnhr

- https://github.com/erickutcher/httpdownloader

## https proxy

- https://github.com/killbug2004/HttpsProxy

- https://github.com/erickutcher/httpproxy

## mitm

- https://github.com/liuyufei/SSLKiller

- http://blog.csdn.net/Tencent_Bugly/article/details/72626127

- https://github.com/pfussell/pivotal

## json

- https://github.com/marcusbotacin/MyJSON

## awesome

- https://github.com/sam-b/windows_kernel_resources

- https://github.com/EbookFoundation/free-programming-books

- https://github.com/justjavac/free-programming-books-zh_CN

- https://github.com/rmusser01/Infosec_Reference/

- https://github.com/jshaw87/Cheatsheets

- https://github.com/RPISEC/MBE

## windows Driver Kit ddi (device driver interface) documentation

- https://docs.microsoft.com/zh-cn/windows-hardware/drivers/ddi/

- https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/windbg-scripting-preview

## windbg preview & jsprovider

- http://doar-e.github.io/blog/2017/12/01/debugger-data-model/

## vm

- https://github.com/tboox/vm86

## tools

- http://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/

## nsa security tools

- https://github.com/exploitx3/FUZZBUNCH

- https://github.com/fuzzbunch/fuzzbunch

- https://github.com/peterpt/fuzzbunch

## apt

- https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections

- https://github.com/kbandla/APTnotes

- https://attack.mitre.org/wiki/Groups

- https://github.com/fdiskyou/threat-INTel

## 3rd party library

- https://github.com/GiovanniDicanio/WinReg

- https://github.com/GiovanniDicanio/StopwatchWin32

- https://github.com/Wintellect/ProcMonDebugOutput

- https://github.com/GiovanniDicanio/ReadStringsFromRegistry

- https://github.com/GiovanniDicanio/Utf8ConvAtlStl

- https://github.com/GiovanniDicanio/StringPool

- https://github.com/GiovanniDicanio/MapWithCaseInsensitiveStringKey

- https://github.com/GiovanniDicanio/SafeArraySamples

- https://github.com/GiovanniDicanio/TestSSO

- https://github.com/GiovanniDicanio/DoubleNulTerminatedString

- https://github.com/GiovanniDicanio/LoadingCedictBenchmarkCpp

- https://github.com/GiovanniDicanio/TestStringSorting

- https://github.com/GiovanniDicanio/UnicodeConversions

- https://github.com/GiovanniDicanio/TestStringsAtlVsStl

- https://github.com/GiovanniDicanio/UnicodeConversionAtl

- https://github.com/GiovanniDicanio/StlVectorVsListPerformance

## miscellaneous

- https://github.com/gaozan198912/myproject

- https://github.com/k0keoyo/ntoskrnl-symbol-pdb-and-undocument-structures

- https://github.com/gentilkiwi/p11proxy

- https://github.com/gentilkiwi/kekeo

- https://github.com/ExpLife/ByPassCfg

- https://github.com/hfiref0x/SXSEXP

- https://github.com/hfiref0x/VBoxHardenedLoader

- https://github.com/hfiref0x/SyscallTables

- https://github.com/hfiref0x/WinObjEx64

- https://github.com/Cr4sh/DbgCb

- https://github.com/Cr4sh/s6_pcie_microblaze

- https://github.com/ionescu007/SpecuCheck

- https://github.com/ionescu007/lxss

- https://github.com/intel/haxm

- https://github.com/akayn/Resources

- https://github.com/DarthTon/SecureEraseWin

- https://github.com/DarthTon/Xenos

- https://github.com/hfiref0x/UACME

- https://github.com/DarthTon/Blackbone

- https://github.com/tinysec/windows-syscall-table

- https://github.com/tinysec/jsrt

- https://github.com/zodiacon/DriverMon

- https://github.com/zodiacon/GflagsX

- https://github.com/zodiacon/PEExplorer

- https://github.com/zodiacon/KernelExplorer

- https://github.com/zodiacon/AllTools

- https://github.com/zodiacon/WindowsInternals

- https://github.com/hackedteam/vector-silent

- https://github.com/hackedteam/core-packer

- https://github.com/hackedteam/vector-recover

- https://github.com/k33nteam/cc-shellcoding

- https://github.com/rwfpl/rewolf-wow64ext

- https://github.com/rwfpl/rewolf-x86-virtualizer

- https://github.com/rwfpl/rewolf-gogogadget

- https://github.com/rwfpl/rewolf-dllpackager

- https://github.com/Microsoft/ChakraCore

- https://github.com/google/symboliclink-testing-tools

- https://github.com/ptresearch/IntelME-JTAG

- https://github.com/smourier/TraceSpy

- https://github.com/G-E-N-E-S-I-S/tasklist-brutus

- https://github.com/G-E-N-E-S-I-S/token_manipulation

- https://github.com/jjzhang166/sdk

- https://github.com/killswitch-GUI/HotLoad-Driver

- https://github.com/killswitch-GUI/minidump-lib

- https://github.com/killswitch-GUI/win32-named-pipes-example

- https://github.com/Kelvinhack/ScreenCapAttack

- https://github.com/tyranid/oleviewdotnet

- https://github.com/tyranid/CANAPE.Core

- https://github.com/tyranid/DotNetToJScript

## slides

- https://keenlab.tencent.com/zh

## blogs

- http://www.diting0x.com/

- http://lotabout.me/archives/ (write a c interpreter)

- http://2997ms.com/2016/10/09/2016/2016-9%E6%9C%88-%E5%90%AD%E5%93%A7%E5%92%94%E5%93%A7/

- http://www.trueai.cn/

- https://whereisk0shl.top

- https://www.anquanke.com/post/id/97245

- https://lifeinhex.com

- https://vallejo.cc/2017/11/18/installation-and-first-contact-with-the-new-windbg/

- http://www.vxjump.net/

- https://channel9.msdn.com/Shows/Defrag-Tools

- http://windbg.info/

- http://windbg.org/

- https://msdn.microsoft.com/en-us/library/windows/hardware/ff553217(v=vs.85).aspx

- http://www.andreybazhan.com/

- https://blogs.technet.microsoft.com/markrussinovich/

- http://undocumented.ntinternals.net/

- http://j00ru.vexillium.org/

- https://sysprogs.com/

- http://www.rohitab.com/

- https://sww-it.ru/

- http://blogs.microsoft.co.il/pavely/

- https://www.corelan.be/

- http://tombkeeper.blog.techweb.com.cn/

- http://www.zer0mem.sk/

- http://blog.rewolf.pl/blog/

- http://www.alex-ionescu.com/

- http://blog.cr4.sh/

- https://rootkits.xyz/

- https://ixyzero.com/blog/archives/3543.html

- https://whereisk0shl.top/

- http://www.triplefault.io/2017/09/enumerating-process-thread-and-image.html

- http://doar-e.github.io/blog/2017/12/01/debugger-data-model/

- https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugging-using-windbg-preview

- https://blog.xpnsec.com/

- https://www.fireeye.com/blog/threat-research/2018/01/simplifying-graphs-in-ida.html

- http://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/

- http://www.msreverseengineering.com/blog/2018/1/23/a-walk-through-tutorial-with-code-on-statically-unpacking-the-finspy-vm-part-one-x86-deobfuscation

## web security research site

- https://www.sec-wiki.com

- https://www.anquanke.com/

- http://xuanwulab.github.io/cn/secnews/2018/02/08/index.html

- http://www.vxjump.net/

- https://www.pediy.com/

- https://navisec.it/

## development documents

- http://devdocs.io/

- https://zealdocs.org/

## docker

- http://dockone.io/search/q-RG9ja09uZeaKgOacr+WIhuS6qw==#articles

## leaked source code 

- https://github.com/pustladi/Windows-2000

- https://github.com/killbug2004/NT_4.0_SourceCode

- https://github.com/pustladi/TrueCrypt-7.2

- https://github.com/pustladi/MS-DOS-v.1.1

- https://github.com/pustladi/MS-DOS-v.2.0

## crypto api

- https://github.com/maldevel/AES256

- https://github.com/wbenny/mini-tor

- https://github.com/wyrover/CryptoAPI-examples

- https://github.com/fmuecke/CryptoApi

- https://github.com/ViartX/CacheCrypto

- https://github.com/Deerenaros/CryptoAPIWrapper

- https://github.com/maldevel/SHA256

- https://github.com/13g10n/crypto

## ascii banner

- http://www.network-science.de/ascii/

- http://www.degraeve.com/img2txt.php

## book code

- https://github.com/yifengyou/32to64

- https://github.com/elephantos/elephant

- https://github.com/yifengyou/Android-software-security-and-reverse-analysis

- https://github.com/yifengyou/Code-virtualization-and-automation-analysis

- https://github.com/yifengyou/Software-protection-and-analysis-techniques---principles-and-practices

- https://github.com/yifengyou/X86-assembly-language-from-real-mode-to-protection-mode