├── LICENSE
├── logo.svg
└── README.md
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2018
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/logo.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 | # awesome-windows-security-development
9 |
10 | ## Forked from ExpLife/awesome-windows-kernel-security-development, but he deleted it
11 |
12 | ## windows kernel driver with c++ runtime
13 |
14 | - https://github.com/ExpLife/DriverSTL
15 | - https://github.com/sysprogs/BazisLib
16 | - https://github.com/AmrThabet/winSRDF
17 | - https://github.com/sidyhe/dxx
18 | - https://github.com/zer0mem/libc
19 | - https://github.com/eladraz/XDK
20 | - https://github.com/vic4key/Cat-Driver
21 | - https://github.com/AndrewGaspar/km-stl
22 | - https://github.com/zer0mem/KernelProject
23 | - https://github.com/zer0mem/miniCommon
24 | - https://github.com/jackqk/mystudy
25 | - https://github.com/yogendersolanki91/Kernel-Driver-Example
26 |
27 | ## dkom
28 |
29 | - https://github.com/nbqofficial/HideDriver
30 | - https://github.com/ZhuHuiBeiShaDiao/NewHideDriverEx
31 | - https://github.com/landhb/HideProcess
32 | - https://github.com/tfairane/DKOM
33 | - https://github.com/Sqdwr/HideDriver
34 |
35 | ## ssdt hook
36 |
37 | - https://github.com/int0/ProcessIsolator
38 | - https://github.com/mrexodia/TitanHide (x64dbg plugin, suggested by DragonQuestHero)
39 | - https://github.com/papadp/shd
40 | - https://github.com/bronzeMe/SSDT_Hook_x64
41 | - https://github.com/s18leoare/Hackshield-Driver-Bypass
42 | - https://github.com/sincoder/hidedir
43 | - https://github.com/wyrover/HKkernelDbg
44 | - https://github.com/CherryZY/Process_Protect_Module
45 | - https://github.com/weixu8/RegistryMonitor
46 | - https://github.com/nmgwddj/Learn-Windows-Drivers
47 |
48 | ## eat/iat/object/irp hook
49 |
50 | - https://github.com/xiaomagexiao/GameDll
51 | - https://github.com/HollyDi/Ring0Hook
52 | - https://github.com/mgeeky/prc_xchk
53 | - https://github.com/tinysec/iathook
54 | - https://github.com/stevemk14ebr/PolyHook
55 |
56 | ## inline hook
57 |
58 | - https://github.com/VideoCardGuy/HideProcessInTaskmgr
59 | - https://github.com/MalwareTech/FstHook
60 | - https://github.com/Menooker/FishHook
61 | - https://github.com/G-E-N-E-S-I-S/latebros
62 | - https://bbs.pediy.com/thread-214582.htm
63 |
64 | ## inject technique
65 |
66 | - https://github.com/VideoCardGuy/X64Injector
67 | - https://github.com/papadp/reflective-injection-detection (InjectFromMemory)
68 | - https://github.com/psmitty7373/eif (InjectFromMemory)
69 | - https://github.com/rokups/ReflectiveLdr (InjectFromMemory)
70 | - https://github.com/BenjaminSoelberg/ReflectivePELoader (InjectFromMemory)
71 | - https://github.com/NtRaiseHardError/Phage (InjectFromMemory)
72 | - https://github.com/dismantl/ImprovedReflectiveDLLInjection (InjectFromMemory)
73 | - https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher (InjectFromMemory)
74 | - https://github.com/amishsecurity/paythepony (InjectFromMemory)
75 | - https://github.com/deroko/activationcontexthook
76 | - https://github.com/georgenicolaou/HeavenInjector
77 | - https://github.com/tinysec/runwithdll
78 | - https://github.com/NtOpcode/NT-APC-Injector
79 | - https://github.com/caidongyun/WinCodeInjection
80 | - https://github.com/countercept/doublepulsar-usermode-injector
81 | - https://github.com/mq1n/DLLThreadInjectionDetector
82 | - https://github.com/hkhk366/Memory_Codes_Injection
83 | - https://github.com/chango77747/ShellCodeInjector_MsBuild
84 | - https://github.com/Zer0Mem0ry/ManualMap
85 | - https://github.com/secrary/InfectPE
86 | - https://github.com/zodiacon/DllInjectionWithThreadContext
87 | - https://github.com/NtOpcode/RtlCreateUserThread-DLL-Injection
88 | - https://github.com/hasherezade/chimera_loader
89 | - https://github.com/Ciantic/RemoteThreader
90 | - https://github.com/OlSut/Kinject-x64
91 | - https://github.com/tandasat/RemoteWriteMonitor
92 | - https://github.com/stormshield/Beholder-Win32
93 | - https://github.com/secrary/InjectProc
94 | - https://github.com/AzureGreen/InjectCollection
95 | - https://github.com/uItra/Injectora
96 | - https://github.com/rootm0s/Injectors
97 | - https://github.com/Spajed/processrefund
98 | - https://github.com/al-homedawy/InjecTOR
101 | - https://github.com/yifiHeaven/MagicWall
102 |
103 | ## load Dll from memory
104 |
105 | - https://github.com/fancycode/MemoryModule
106 | - https://github.com/strivexjun/MemoryModulePP
107 |
108 | ## process hollowing
109 |
110 | - https://github.com/Spajed/processrefund
111 | - https://github.com/KernelMode/Process_Doppelganging
112 | - https://github.com/hasherezade/process_doppelganging
113 | - https://github.com/m0n0ph1/Process-Hollowing
114 | - https://github.com/KernelMode/RunPE-ProcessHollowing
115 | - https://github.com/KernelMode/RunPE_Detecter
116 |
117 | ## pe loader
118 |
119 | - https://github.com/VideoCardGuy/PELoader
120 |
121 | ## dll to shellcode
122 |
123 | - https://github.com/w1nds/dll2shellcode
124 |
125 | ## hide & delete dll
126 |
127 | - https://github.com/wyyqyl/HideModule
128 |
129 | ## load driver from memory
130 |
131 | - https://github.com/Professor-plum/Reflective-Driver-Loader
132 |
133 | ## hook engine
134 |
135 | - https://github.com/Ilyatk/HookEngine
136 | - https://github.com/zyantific/zyan-hook-engine
137 | - https://github.com/martona/mhook
138 | - https://github.com/EasyHook/EasyHook
139 | - https://github.com/RelicOfTesla/Detours
140 |
141 | ## callback
142 |
143 | - https://github.com/JKornev/hidden
144 | - https://github.com/binbibi/CallbackEx
145 | - https://github.com/swwwolf/cbtest
146 | - https://github.com/nmgwddj/Learn-Windows-Drivers
147 | - https://github.com/SamLarenN/CallbackDisabler
148 |
149 | ## minifilter
150 |
151 | - https://github.com/aleksk/LazyCopy
152 | - https://github.com/guidoreina/minivers
153 | - https://github.com/idkwim/mfd
154 | - https://github.com/Coxious/Antinvader
155 | - https://github.com/tandasat/Scavenger
156 | - https://github.com/fishfly/X70FSD
158 | - https://github.com/ExpLife/BKAV.Filter
159 |
160 | ## virtual disk
161 |
162 | - https://github.com/zhaozhongshu/winvblock_vs
163 | - https://github.com/yogendersolanki91/Kernel-Driver-Example
164 |
165 | ## virtual file system
166 |
167 | - https://github.com/ExpLife/CodeUMVFS
168 | - https://github.com/yogendersolanki91/ProcessFileSystem
169 | - https://github.com/BenjaminKim/dokanx
170 |
171 | ## lpc
172 |
173 | - https://github.com/avalon1610/LPC
174 |
175 | ## alpc
176 |
177 | - https://github.com/avalon1610/ALPC
178 |
179 | ## lsp
180 |
181 | - https://github.com/AnwarMohamed/Packetyzer
182 |
183 | ## afd
184 |
185 | - https://github.com/xiaomagexiao/GameDll
186 | - https://github.com/DeDf/afd
187 | - https://github.com/a252293079/NProxy
188 |
189 | ## tdi
190 |
191 | - https://github.com/Sha0/winvblock
192 | - https://github.com/michael4338/TDI
193 | - https://github.com/cullengao/tdi_monitor
194 | - https://github.com/uniking/TDI-Demo
195 | - https://github.com/codereba/netmon
196 |
197 | ## wfp
198 |
199 | - https://github.com/basil00/Divert
200 | - https://github.com/WPO-Foundation/win-shaper
201 | - https://github.com/raymon-tian/WFPFirewall
202 | - https://github.com/henrypp/simplewall
203 | - https://docs.microsoft.com/zh-cn/windows-hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp
204 | - https://github.com/thecybermind/ipredir
205 | - https://github.com/RmzVoid/RMZSol
206 | - https://github.com/BrunoMCBraga/Kernel-Whisperer
207 | - https://github.com/KBancerz/kkvpn_driver
208 | - https://github.com/JaredWright/WFPStarterKit
209 |
210 | ## ndis
211 |
212 | - https://github.com/zy520321/ndis-filter
213 | - https://github.com/yuanmaomao/NDIS_Firewall
214 | - https://github.com/SoftEtherVPN/Win10Pcap
215 | - https://github.com/IsoGrid/NdisProtocol
216 | - https://github.com/lcxl/lcxl-net-loader
217 | - https://www.ntkernel.com/windows-packet-filter/
218 | - https://github.com/michael4338/NDIS
219 | - https://github.com/IAmAnubhavSaini/ndislwf
220 | - https://github.com/OpenVPN/tap-windows6
221 | - https://github.com/SageAxcess/pcap-ndis6
222 | - https://github.com/uniking/NDIS-Demo
223 | - https://github.com/mkdym/NDISDriverInst
224 | - https://github.com/debugfan/packetprot
225 | - https://github.com/Iamgublin/NDIS6.30-NetMonitor
226 | - https://github.com/nmap/npcap
227 | - https://github.com/Ltangjian/FireWall
228 | - https://github.com/Microsoft/Windows-driver-samples/tree/master/network/config/bindview
229 | - https://github.com/brorica/http_inject (winpcap)
230 |
231 | ## wsk
232 |
233 | - https://github.com/reinhardvz/wsk
234 | - https://github.com/akayn/kbMon
235 | - https://github.com/02strich/audionet
236 | - https://github.com/mestefy/securityplus
237 | - https://github.com/skycipher/CNGProvider
238 |
239 | ## rootkits
240 |
241 | - https://github.com/HoShiMin/EnjoyTheRing0
242 | - https://github.com/hfiref0x/ZeroAccess
243 | - https://github.com/hackedteam/driver-win32
244 | - https://github.com/hackedteam/driver-win64
245 | - https://github.com/csurage/Rootkit
246 | - https://github.com/bowlofstew/rootkit.com
247 | - https://github.com/Nervous/GreenKit-Rootkit
248 | - https://github.com/bytecode-77/r77-rootkit
249 | - https://github.com/Cr4sh/WindowsRegistryRootkit
250 | - https://github.com/Alifcccccc/Windows-Rootkits
251 | - https://github.com/Schnocker/NoEye
252 | - https://github.com/christian-roggia/open-myrtus
253 | - https://github.com/Cr4sh/DrvHide-PoC
254 | - https://github.com/mstefanowich/SquiddlyDiddly2
255 | - https://github.com/MalwareTech/FakeMBR
256 | - https://github.com/Cr4sh/PTBypass-PoC
257 | - https://github.com/psaneme/Kung-Fu-Malware
258 | - https://github.com/hasherezade/persistence_demos
259 | - https://github.com/MinhasKamal/TrojanCockroach
260 | - https://github.com/akayn/kbMon
261 | - https://github.com/hm200958/kmdf--analyse
262 |
263 | ## mbr
264 |
265 | - https://github.com/Cisco-Talos/MBRFilter
266 |
267 | ## bootkits
268 |
269 | - https://github.com/DeviceObject/rk2017
270 | - https://github.com/DeviceObject/ChangeDiskSector
271 | - https://github.com/DeviceObject/Uefi_HelloWorld
272 | - https://github.com/DeviceObject/ShitDrv
273 | - https://github.com/DeviceObject/DarkCloud
274 | - https://github.com/nyx0/Rovnix
275 | - https://github.com/MalwareTech/TinyXPB
276 | - https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit
277 | - https://github.com/NextSecurity/Gozi-MBR-rootkit
278 | - https://github.com/NextSecurity/vector-edk
279 | - https://github.com/ahixon/booty
280 |
281 | ## uefi/smm
282 |
283 | - https://github.com/DeviceObject/Uefi_HelloWorld
284 | - https://github.com/LongSoft/UEFITool
285 | - https://github.com/dude719/UEFI-Bootkit
286 | - https://github.com/quarkslab/dreamboot
287 | - https://github.com/gyje/BIOS_Rootkit
288 | - https://github.com/scumjr/the-sea-watcher
289 | - https://github.com/zhuyue1314/stoned-UEFI-bootkit
290 | - https://github.com/hackedteam/vector-edk
291 | - https://github.com/Cr4sh/SmmBackdoor
292 | - https://github.com/Cr4sh/PeiBackdoor
293 | - https://github.com/Cr4sh/fwexpl
294 |
295 | ## smc
296 |
297 | - https://github.com/marcusbotacin/Self-Modifying-Code
298 |
299 | ## anti debug
300 |
301 | - https://github.com/strivexjun/XAntiDebug
302 | - https://github.com/marcusbotacin/Anti.Analysis
303 | - https://github.com/LordNoteworthy/al-khaser
304 | - https://github.com/eschweiler/ProReversing
305 |
306 | ## malware
307 |
308 | - https://github.com/mwsrc/XtremeRAT
309 | - https://github.com/mwsrc/Schwarze-Sonne-RAT (delphi)
310 | - https://github.com/Mr-Un1k0d3r/ThunderShell (powershell)
311 | - https://github.com/DimChris0/LoRa
312 | - https://github.com/marcusbotacin/Malware.Multicore
313 | - https://github.com/bxlcity/malware
314 | - https://github.com/grcasanova/SuperVirus
315 | - https://github.com/hackedteam/core-win32
316 | - https://github.com/hackedteam/scout-win
317 | - https://github.com/hackedteam/vector-dropper
318 |
319 | ## malware analysis
320 |
321 | - https://github.com/kevthehermit/RATDecoders
322 | - https://github.com/marcusbotacin/Malware.Variants
323 | - https://github.com/marcusbotacin/Hardware-Assisted-AV
324 | - https://github.com/gentilkiwi/spectre_meltdown
325 | - https://github.com/gentilkiwi/wanadecrypt
326 | - https://github.com/bloomer1016
327 | - https://github.com/CHEF-KOCH/malware-research
328 | - https://github.com/gentilkiwi/wanakiwi
329 |
330 | ## arktools
331 |
332 | - https://github.com/marcusbotacin/BranchMonitoringProject
333 | - https://github.com/AzureGreen/ArkProtect
334 | - https://github.com/AzureGreen/ArkToolDrv
335 | - https://github.com/HollyDi/PCAssistant
336 | - https://github.com/ChengChengCC/Ark-tools
337 | - https://github.com/swatkat/arkitlib
338 | - https://github.com/swwwolf/wdbgark
339 | - https://github.com/zibility/Anti-Rootkits
340 | - https://github.com/SLAUC91/AntiCheat
341 | - https://github.com/sincoder/A-Protect
342 | - https://github.com/apriorit/antirootkit-anti-splicer
343 | - https://github.com/kedebug/ScDetective
344 | - https://github.com/PKRoma/ProcessHacker
345 | - https://github.com/AndreyBazhan/DbgExt
346 | - https://github.com/comaeio/SwishDbgExt
347 | - https://github.com/ExpLife/atomic-red-team
348 | - https://github.com/shenghe/pcmanager
349 | - https://github.com/lj1987new/guardlite
350 | - https://github.com/hackshields/antivirus/
351 | - https://github.com/AntiRootkit/BDArkit
352 |
353 | ## bypass patchguard
354 |
355 | - https://github.com/hfiref0x/UPGDSED
356 | - https://github.com/tandasat/PgResarch
357 | - https://github.com/killvxk/DisableWin10PatchguardPoc
358 | - https://github.com/tandasat/findpg
359 | - https://github.com/zer0mem/HowToBoostPatchGuard
360 | - https://bbs.pediy.com/thread-214582.htm
361 |
362 | ## bypass dse
363 |
364 | - https://github.com/hfiref0x/TDL
365 | - https://github.com/hfiref0x/DSEFix
366 |
367 | ## HackSysExtremeVulnerableDriver
368 |
369 | - https://github.com/mgeeky/HEVD_Kernel_Exploit
370 | - https://www.fuzzysecurity.com/tutorials.html
371 | - https://rootkits.xyz/blog/
372 | - https://github.com/hacksysteam/HackSysExtremeVulnerableDriver
373 | - https://github.com/k0keoyo/HEVD-Double-Free-PoC
374 | - https://github.com/k0keoyo/HEVD-Arbitrary-Overwrite-Exploit-Win10-rs3
375 | - https://github.com/tekwizz123/HEVD-Exploit-Solutions
376 | - https://github.com/k0keoyo/try_exploit
377 | - https://github.com/Cn33liz/HSEVD-VariousExploits
378 | - https://github.com/Cn33liz/HSEVD-StackOverflow
379 | - https://github.com/Cn33liz/HSEVD-StackOverflowX64
380 | - https://github.com/Cn33liz/HSEVD-StackCookieBypass
381 | - https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteGDI
382 | - https://github.com/Cn33liz/HSEVD-StackOverflowGDI
383 | - https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL
384 | - https://github.com/Cn33liz/HSEVD-ArbitraryOverwrite
385 | - https://github.com/akayn/demos
386 |
387 | ## windows kernel exploits
388 |
389 | - https://github.com/JeremyFetiveau/Exploits
390 | - https://github.com/hfiref0x/Stryker
391 | - https://github.com/swwwolf/obderef
392 | - https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
393 | - https://github.com/cbayet/PoolSprayer
394 | - https://github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC
395 | - https://github.com/k0keoyo/Driver-Loaded-PoC
396 | - https://github.com/k0keoyo/try_exploit
397 | - https://github.com/k0keoyo/CVE-2015-2546-Exploit
398 | - https://github.com/k0keoyo/Dark_Composition_case_study_Integer_Overflow
399 | - https://github.com/tinysec/vulnerability
400 | - https://github.com/akayn/demos
401 | - https://github.com/abatchy17/WindowsExploits
402 | - https://github.com/recodeking/WindowsExploitation
403 | - https://github.com/GDSSecurity/Windows-Exploit-Suggester
404 | - https://github.com/rwfpl/rewolf-pcausa-exploit
405 | - https://github.com/ratty3697/HackSpy-Trojan-Exploit
406 | - https://github.com/SecWiki/windows-kernel-exploits
407 | - https://github.com/sensepost/ms16-098
408 | - https://github.com/shjalayeri/sysret
409 | - https://github.com/sam-b/windows_kernel_resources
410 | - https://github.com/sensepost/gdi-palettes-exp
411 | - https://github.com/ExpLife/ByPassCfg
412 | - https://github.com/Rootkitsmm/WinIo-Vidix
413 | - https://github.com/andrewkabai/vulnwindrv
414 | - https://github.com/mwrlabs/CVE-2016-7255
415 | - https://github.com/MarkHC/HandleMaster
416 | - https://github.com/SamLarenN/CapcomDKOM
417 | - https://github.com/zerosum0x0/puppetstrings
418 | - https://github.com/zerosum0x0/ShellcodeDriver
420 | - https://github.com/progmboy/kernel_vul_poc
421 | - https://github.com/rwfpl/rewolf-msi-exploit
423 | - https://github.com/Rootkitsmm/Win10Pcap-Exploit
424 | - https://github.com/Rootkitsmm/MS15-061
425 | - https://github.com/Rootkitsmm/cve-2016-0040
426 | - https://github.com/Rootkitsmm/CVEXX-XX
428 | - https://github.com/Trietptm-on-Security/bug-free-adventure
429 | - https://github.com/sam-b/CVE-2014-4113
430 | - https://github.com/Rootkitsmm/OpenVpn-Pool-Overflow
431 | - https://github.com/Rootkitsmm/UnThreatAVDriver-DOS
432 | - https://github.com/Cr4sh/ThinkPwn
433 | - https://github.com/hfiref0x/CVE-2015-1701
434 | - https://github.com/tyranid/windows-logical-eop-workshop
435 | - https://github.com/google/sandbox-attacksurface-analysis-tools
436 | - https://github.com/tyranid/ExploitRemotingService
437 | - https://github.com/tyranid/DeviceGuardBypasses
438 | - https://github.com/tyranid/ExploitDotNetDCOM
439 | - https://github.com/hatRiot/token-priv (EOP)
440 | - https://github.com/weizn11/MS17010_AllInOne
441 | - https://github.com/TeskeVirtualSystem/MS17010Test
442 |
443 | ## office exploit
444 |
445 | - https://github.com/rxwx/CVE-2017-8570
446 |
447 | ## flash exploit
448 |
449 | - https://github.com/brianwrf/CVE-2017-4878-Samples
450 |
451 | ## sandbox escape
452 |
453 | - https://github.com/SilverMoonSecurity/SandboxEvasion
454 | - https://github.com/exAphex/SandboxEscape
455 | - https://github.com/Fel0ny/Sandbox-Detection
456 | - https://github.com/CheckPointSW/InviZzzible
457 | - https://github.com/MalwareTech/AppContainerSandbox
458 | - https://github.com/tyranid/IE11SandboxEscapes
459 | - https://github.com/649/Chrome-Sandbox-Exploit
460 | - https://github.com/google/sandbox-attacksurface-analysis-tools
461 | - https://github.com/conix-security/zer0m0n
462 | - https://github.com/iceb0y/windows-container
463 | - https://github.com/s7ephen/SandKit
464 | - https://github.com/D4Vinci/Dr0p1t-Framework
465 | - https://github.com/cryptolok/MorphAES
466 | - https://github.com/mtalbi/vm_escape
467 | - https://github.com/unamer/vmware_escape
468 | - https://github.com/erezto/lua-sandbox-escape
469 | - https://github.com/brownbelt/Edge-sandbox-escape
470 | - https://github.com/shakenetwork/vmware_escape
471 | - https://github.com/Cr4sh/prl_guest_to_host
472 |
473 | ## cve
474 |
475 | - https://github.com/LiuCan01/cve-list-pro
476 | - https://github.com/CVEProject/cvelist
477 |
478 | ## hips
479 | - https://github.com/0xdabbad00/OpenHIPS
480 | - https://github.com/ExpLife/Norton_AntiVirus_SourceCode
481 | - https://github.com/majian55555/MJAntiVirusEngine
482 | - https://github.com/develbranch/TinyAntivirus
483 | - https://github.com/tandasat/EopMon
484 | - https://github.com/tandasat/MemoryMon
485 |
486 | ## vt
487 |
488 | - https://github.com/marche147/IoctlMon
489 | - https://github.com/ionescu007/SimpleVisor
490 | - https://github.com/zer0mem/MiniHyperVisorProject
491 | - https://github.com/zer0mem/ShowMeYourGongFu
492 | - https://github.com/zer0mem/HyperVisor
493 | - https://github.com/marche147/SimpleVT
494 | - https://github.com/DarthTon/HyperBone
495 | - https://github.com/nick-kvmhv/splittlb
496 | - https://github.com/zareprj/Vmx_Prj
497 | - https://github.com/ZhuHuiBeiShaDiao/MiniVTx64
498 | - https://github.com/tandasat/HyperPlatform
499 | - https://github.com/hzqst/Syscall-Monitor
500 | - https://github.com/asamy/ksm
501 | - https://github.com/in12hacker/VT_64_EPT
502 | - https://github.com/ZhuHuiBeiShaDiao/PFHook
503 | - https://github.com/tandasat/FU_Hypervisor
504 | - https://github.com/tandasat/DdiMon
505 | - https://github.com/tandasat/GuardMon
506 | - https://github.com/yqsy/VT_demo
507 | - https://github.com/OkazakiNagisa/VTbasedDebuggerWin7
508 | - https://github.com/Ouroboros/JuusanKoubou
509 | - https://github.com/aaa1616/Hypervisor
510 | - https://github.com/Nukem9/VirtualDbg
511 | - https://github.com/Nukem9/VirtualDbgHide
512 | - https://github.com/cheat-engine/cheat-engine
513 | - https://github.com/Kelvinhack/kHypervisor
514 |
515 | ## fuzzer
516 |
517 | - https://github.com/bee13oy/AV_Kernel_Vulns/tree/master/Zer0Con2017
518 | - https://github.com/k0keoyo/kDriver-Fuzzer (Paper: https://whereisk0shl.top/post/2018-01-30)
519 | - https://github.com/koutto/ioctlbf
520 | - https://github.com/Cr4sh/ioctlfuzzer
521 | - https://github.com/Cr4sh/MsFontsFuzz
522 | - https://github.com/hfiref0x/NtCall64
523 | - https://github.com/Rootkitsmm/Win32k-Fuzzer
524 | - https://github.com/mwrlabs/KernelFuzzer
525 | - https://github.com/SignalSEC/kirlangic-ttf-fuzzer
526 | - https://github.com/demi6od/Smashing_The_Browser
527 | - https://github.com/marche147/IoctlMon
528 | - https://github.com/k0keoyo/Some-Kernel-Fuzzing-Paper
529 |
530 | ## emet
531 |
532 | - https://github.com/codingtest/EMET
533 |
534 | ## hotpatch
535 |
536 | - https://github.com/codingtest/windows_hotpatch
537 |
538 | ## game hack
539 |
540 | - https://github.com/DreamHacks/dreamdota
541 | - https://github.com/yoie/NGPlug-in
542 | - https://github.com/DevelopKits/proj
543 | - https://github.com/VideoCardGuy/ExpTool_GUI
544 | - https://github.com/VideoCardGuy/Zhihu_SimpleLog
545 | - https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
546 | - https://github.com/VideoCardGuy/Tetris
547 | - https://github.com/VideoCardGuy/YuGiOh
548 | - https://github.com/VideoCardGuy/SnakeAI
549 | - https://github.com/VideoCardGuy/gitAsktao
550 | - https://github.com/VideoCardGuy/War3Cheat
551 | - https://github.com/VideoCardGuy/AStar_Study
552 | - https://github.com/VideoCardGuy/BnsChina_SetSpeed
553 | - https://github.com/VideoCardGuy/LOLProjects
555 | - https://github.com/VideoCardGuy/PictureMatchGame
556 | - https://github.com/VideoCardGuy/AutoLoginByBnsChina
557 | - https://github.com/VideoCardGuy/MemoryWatchTool
558 | - https://github.com/VideoCardGuy/LOL_China
559 | - https://github.com/mlghuskie/NoBastian
560 | - https://github.com/G-E-N-E-S-I-S/BattlegroundsChams
561 | - https://github.com/luciouskami/XignCode3Bypass
562 | - https://github.com/luciouskami/CS-GO-Simple-Hack
563 | - https://github.com/luciouskami/load-self-mix
564 | - https://github.com/Karaulov/WarcraftIII_DLL_126-127
565 | - https://github.com/TonyZesto/PubgPrivXcode85
566 | - https://github.com/luciouskami/gameguard-for-war3
567 | - https://github.com/PopcornEgg/LOLChangeSkin
568 | - https://github.com/ValveSoftware/ToGL
569 | - https://github.com/Karaulov/War3-SizeLimit-Bypass
570 | - https://github.com/F7eak/Xenon
571 | - https://github.com/syj2010syj/All-Star-Battle-2
572 |
573 | ## symbolic execution
574 |
575 | - https://github.com/illera88/Ponce
576 | - https://github.com/gaasedelen/lighthouse
577 |
578 | ## deobfuscation
579 |
580 | - https://github.com/SCUBSRGroup/OLLVM_Deobfuscation
581 |
582 | ## taint analysis
583 |
584 | - https://github.com/SCUBSRGroup/Taint-Analyse
585 |
586 | ## bin diff
587 |
588 | - https://www.zynamics.com/bindiff.html
589 | - https://github.com/joxeankoret/diaphora
590 | - https://github.com/ExpLife/binarydiffer
591 | - https://github.com/ExpLife/patchdiff2_ida6
592 | - https://github.com/ExpLife/patchdiff2
593 |
594 | ## x64dbg plugin
595 |
596 | - https://github.com/mrexodia/TitanHide
597 | - https://github.com/x64dbg/InterObfu
598 | - https://github.com/x64dbg/ScyllaHide
599 | - https://github.com/Nukem9/SwissArmyKnife
600 | - https://github.com/x64dbg/x64dbg/wiki/Plugins
601 |
602 | ## windbg plugin
603 |
604 | - https://github.com/VincentSe/WatchTrees
605 |
606 | ## ida script & plugin
607 |
608 | - https://github.com/mwrlabs/win_driver_plugin
609 | - https://github.com/igogo-x86/HexRaysPyTools
610 | - https://github.com/techbliss/Python_editor
611 | - https://github.com/tmr232/Sark
612 | - http://sark.readthedocs.io/en/latest/debugging.html
613 | - https://bbs.pediy.com/thread-224627.htm (wing debugging idapython script)
614 |
615 | ## rpc
616 |
617 | - https://github.com/gentilkiwi/basic_rpc
618 |
619 | ## hash dump
620 |
621 | - https://github.com/gentilkiwi/mimikatz
622 |
623 | ## auxiliary lib
624 |
625 | - https://github.com/David-Reguera-Garcia-Dreg/auxlib
626 |
627 | ## ring3 nt api
628 |
629 | - https://github.com/Chuyu-Team/NativeLib
630 |
631 | ## dll hijack
632 |
633 | - https://github.com/strivexjun/AheadLib-x86-x64
634 |
635 | ## winpcap
636 |
637 | - https://github.com/klemenb/fiddly
638 | - http://blog.csdn.net/Ni9htMar3/article/details/54612394
639 | - https://www.cnblogs.com/xcj26/articles/6073411.html
640 | - http://www.freebuf.com/articles/system/103526.html
641 | - https://github.com/illahaha/zxarps (arpcheat)
642 | - https://github.com/sincoder/zxarps (arpcheat)
643 |
644 | ## metasploit
645 |
646 | - https://github.com/NytroRST/NetRipper
647 | - https://github.com/breenmachine/RottenPotatoNG
648 |
649 | ## shadow
650 |
651 | - https://github.com/lcxl/lcxl-shadow
652 |
653 | ## http
654 |
655 | - https://github.com/OlehKulykov/libnhr
656 | - https://github.com/erickutcher/httpdownloader
657 |
658 | ## https proxy
659 |
660 | - https://github.com/killbug2004/HttpsProxy
661 | - https://github.com/erickutcher/httpproxy
662 |
663 | ## mitm
664 |
665 | - https://github.com/liuyufei/SSLKiller
666 | - http://blog.csdn.net/Tencent_Bugly/article/details/72626127
667 | - https://github.com/pfussell/pivotal
668 |
669 | ## json
670 |
671 | - https://github.com/marcusbotacin/MyJSON
672 |
673 | ## awesome
674 |
675 | - https://github.com/sam-b/windows_kernel_resources
676 | - https://github.com/EbookFoundation/free-programming-books
677 | - https://github.com/justjavac/free-programming-books-zh_CN
678 | - https://github.com/rmusser01/Infosec_Reference/
679 | - https://github.com/jshaw87/Cheatsheets
680 | - https://github.com/RPISEC/MBE
681 |
682 | ## windows Driver Kit ddi (device driver interface) documentation
683 |
684 | - https://docs.microsoft.com/zh-cn/windows-hardware/drivers/ddi/
685 | - https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/windbg-scripting-preview
686 |
687 | ## windbg preview & jsprovider
688 |
689 | - http://doar-e.github.io/blog/2017/12/01/debugger-data-model/
690 |
691 | ## vm
692 |
693 | - https://github.com/tboox/vm86
694 |
695 | ## tools
696 |
697 | - http://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/
698 |
699 | ## nsa security tools
700 |
701 | - https://github.com/exploitx3/FUZZBUNCH
702 | - https://github.com/fuzzbunch/fuzzbunch
703 | - https://github.com/peterpt/fuzzbunch
704 |
705 | ## apt
706 |
707 | - https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
708 | - https://github.com/kbandla/APTnotes
709 | - https://attack.mitre.org/wiki/Groups
710 | - https://github.com/fdiskyou/threat-INTel
711 |
712 | ## 3rd party library
713 |
714 | - https://github.com/GiovanniDicanio/WinReg
715 | - https://github.com/GiovanniDicanio/StopwatchWin32
716 | - https://github.com/Wintellect/ProcMonDebugOutput
717 | - https://github.com/GiovanniDicanio/ReadStringsFromRegistry
718 | - https://github.com/GiovanniDicanio/Utf8ConvAtlStl
719 | - https://github.com/GiovanniDicanio/StringPool
720 | - https://github.com/GiovanniDicanio/MapWithCaseInsensitiveStringKey
721 | - https://github.com/GiovanniDicanio/SafeArraySamples
722 | - https://github.com/GiovanniDicanio/TestSSO
723 | - https://github.com/GiovanniDicanio/DoubleNulTerminatedString
724 | - https://github.com/GiovanniDicanio/LoadingCedictBenchmarkCpp
725 | - https://github.com/GiovanniDicanio/TestStringSorting
726 | - https://github.com/GiovanniDicanio/UnicodeConversions
727 | - https://github.com/GiovanniDicanio/TestStringsAtlVsStl
728 | - https://github.com/GiovanniDicanio/UnicodeConversionAtl
729 | - https://github.com/GiovanniDicanio/StlVectorVsListPerformance
730 |
731 | ## miscellaneous
732 |
733 | - https://github.com/gaozan198912/myproject
734 | - https://github.com/k0keoyo/ntoskrnl-symbol-pdb-and-undocument-structures
735 | - https://github.com/gentilkiwi/p11proxy
736 | - https://github.com/gentilkiwi/kekeo
737 | - https://github.com/ExpLife/ByPassCfg
738 | - https://github.com/hfiref0x/SXSEXP
739 | - https://github.com/hfiref0x/VBoxHardenedLoader
740 | - https://github.com/hfiref0x/SyscallTables
741 | - https://github.com/hfiref0x/WinObjEx64
742 | - https://github.com/Cr4sh/DbgCb
743 | - https://github.com/Cr4sh/s6_pcie_microblaze
744 | - https://github.com/ionescu007/SpecuCheck
745 | - https://github.com/ionescu007/lxss
746 | - https://github.com/intel/haxm
747 | - https://github.com/akayn/Resources
748 | - https://github.com/DarthTon/SecureEraseWin
749 | - https://github.com/DarthTon/Xenos
750 | - https://github.com/hfiref0x/UACME
751 | - https://github.com/DarthTon/Blackbone
752 | - https://github.com/tinysec/windows-syscall-table
753 | - https://github.com/tinysec/jsrt
754 | - https://github.com/zodiacon/DriverMon
755 | - https://github.com/zodiacon/GflagsX
756 | - https://github.com/zodiacon/PEExplorer
757 | - https://github.com/zodiacon/KernelExplorer
758 | - https://github.com/zodiacon/AllTools
759 | - https://github.com/zodiacon/WindowsInternals
760 | - https://github.com/hackedteam/vector-silent
761 | - https://github.com/hackedteam/core-packer
762 | - https://github.com/hackedteam/vector-recover
763 | - https://github.com/k33nteam/cc-shellcoding
764 | - https://github.com/rwfpl/rewolf-wow64ext
765 | - https://github.com/rwfpl/rewolf-x86-virtualizer
766 | - https://github.com/rwfpl/rewolf-gogogadget
767 | - https://github.com/rwfpl/rewolf-dllpackager
768 | - https://github.com/Microsoft/ChakraCore
769 | - https://github.com/google/symboliclink-testing-tools
770 | - https://github.com/ptresearch/IntelME-JTAG
771 | - https://github.com/smourier/TraceSpy
772 | - https://github.com/G-E-N-E-S-I-S/tasklist-brutus
773 | - https://github.com/G-E-N-E-S-I-S/token_manipulation
774 | - https://github.com/jjzhang166/sdk
775 | - https://github.com/killswitch-GUI/HotLoad-Driver
776 | - https://github.com/killswitch-GUI/minidump-lib
777 | - https://github.com/killswitch-GUI/win32-named-pipes-example
778 | - https://github.com/Kelvinhack/ScreenCapAttack
779 | - https://github.com/tyranid/oleviewdotnet
780 | - https://github.com/tyranid/CANAPE.Core
781 | - https://github.com/tyranid/DotNetToJScript
782 |
783 | ## slides
784 |
785 | - https://keenlab.tencent.com/zh
786 |
787 | ## blogs
788 |
789 | - http://www.diting0x.com/
790 | - http://lotabout.me/archives/ (writing a C interpreter)
791 | - http://2997ms.com/2016/10/09/2016/2016-9%E6%9C%88-%E5%90%AD%E5%93%A7%E5%92%94%E5%93%A7/
792 | - http://www.trueai.cn/
793 | - https://whereisk0shl.top
794 | - https://www.anquanke.com/post/id/97245
795 | - https://lifeinhex.com
796 | - https://vallejo.cc/2017/11/18/installation-and-first-contact-with-the-new-windbg/
797 | - http://www.vxjump.net/
798 | - https://channel9.msdn.com/Shows/Defrag-Tools
799 | - http://windbg.info/
800 | - http://windbg.org/
801 | - https://msdn.microsoft.com/en-us/library/windows/hardware/ff553217(v=vs.85).aspx
802 | - http://www.andreybazhan.com/
803 | - https://blogs.technet.microsoft.com/markrussinovich/
804 | - http://undocumented.ntinternals.net/
805 | - http://j00ru.vexillium.org/
806 | - https://sysprogs.com/
807 | - http://www.rohitab.com/
808 | - https://sww-it.ru/
809 | - http://blogs.microsoft.co.il/pavely/
810 | - https://www.corelan.be/
811 | - http://tombkeeper.blog.techweb.com.cn/
812 | - http://www.zer0mem.sk/
813 | - http://blog.rewolf.pl/blog/
814 | - http://www.alex-ionescu.com/
815 | - http://blog.cr4.sh/
816 | - https://rootkits.xyz/
817 | - https://ixyzero.com/blog/archives/3543.html
818 | - https://whereisk0shl.top/
819 | - http://www.triplefault.io/2017/09/enumerating-process-thread-and-image.html
820 | - http://doar-e.github.io/blog/2017/12/01/debugger-data-model/
821 | - https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugging-using-windbg-preview
822 | - https://blog.xpnsec.com/
823 | - https://www.fireeye.com/blog/threat-research/2018/01/simplifying-graphs-in-ida.html
824 | - http://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/
825 | - http://www.msreverseengineering.com/blog/2018/1/23/a-walk-through-tutorial-with-code-on-statically-unpacking-the-finspy-vm-part-one-x86-deobfuscation
826 |
827 | ## web security research site
828 |
829 | - https://www.sec-wiki.com
830 | - https://www.anquanke.com/
831 | - http://xuanwulab.github.io/cn/secnews/2018/02/08/index.html
832 | - http://www.vxjump.net/
833 | - https://www.pediy.com/
834 | - https://navisec.it/
835 |
836 | ## development documents
837 |
838 | - http://devdocs.io/
839 | - https://zealdocs.org/
840 |
841 | ## docker
842 |
843 | - http://dockone.io/search/q-RG9ja09uZeaKgOacr+WIhuS6qw==#articles
844 |
845 | ## leaked source code
846 |
847 | - https://github.com/pustladi/Windows-2000
848 | - https://github.com/killbug2004/NT_4.0_SourceCode
849 | - https://github.com/pustladi/TrueCrypt-7.2
850 | - https://github.com/pustladi/MS-DOS-v.1.1
851 | - https://github.com/pustladi/MS-DOS-v.2.0
852 |
853 | ## crypto api
854 |
855 | - https://github.com/maldevel/AES256
856 | - https://github.com/wbenny/mini-tor
857 | - https://github.com/wyrover/CryptoAPI-examples
858 | - https://github.com/fmuecke/CryptoApi
859 | - https://github.com/ViartX/CacheCrypto
860 | - https://github.com/Deerenaros/CryptoAPIWrapper
861 | - https://github.com/maldevel/SHA256
862 | - https://github.com/13g10n/crypto
863 |
864 | ## ascii banner
865 |
866 | - http://www.network-science.de/ascii/
867 | - http://www.degraeve.com/img2txt.php
868 |
869 | ## book code
870 |
871 | - https://github.com/yifengyou/32to64
872 | - https://github.com/elephantos/elephant
873 | - https://github.com/yifengyou/Android-software-security-and-reverse-analysis
874 | - https://github.com/yifengyou/Code-virtualization-and-automation-analysis
875 | - https://github.com/yifengyou/Software-protection-and-analysis-techniques---principles-and-practices
876 | - https://github.com/yifengyou/X86-assembly-language-from-real-mode-to-protection-mode
877 |
--------------------------------------------------------------------------------