├── README.md
└── logo.svg


/README.md:
--------------------------------------------------------------------------------
   1 | ![logo](https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=2928049956,3976845960&fm=27&gp=0.jpg)
   2 | 
   3 | ![Gitee license](https://img.shields.io/badge/license-MIT-blue.svg)
   4 | 
   5 | # `awesome-windows-kernel-security-development`
   6 | 
   7 | :heart:
   8 | 
   9 | ## windows kernel driver with c++ runtime
  10 | 
  11 | -  https://github.com/HoShiMin/Kernel-Bridge
  12 | -  https://github.com/wjcsharp/Common
  13 | -  https://github.com/ExpLife/DriverSTL
  14 | -  https://github.com/sysprogs/BazisLib
  15 | -  https://github.com/AmrThabet/winSRDF
  16 | -  https://github.com/sidyhe/dxx
  17 | -  https://github.com/zer0mem/libc
  18 | -  https://github.com/eladraz/XDK
  19 | -  https://github.com/vic4key/Cat-Driver
  20 | -  https://github.com/AndrewGaspar/km-stl
  21 | -  https://github.com/zer0mem/KernelProject
  22 | -  https://github.com/zer0mem/miniCommon
  23 | -  https://github.com/jackqk/mystudy
  24 | -  https://github.com/yogendersolanki91/Kernel-Driver-Example
  25 | 
  26 | ## blackbone
  27 | 
  28 | -  https://github.com/alexpsp00/x-elite-loader
  29 | -  https://github.com/DarthTon/Xenos
  30 | -  https://github.com/DarthTon/Blackbone
  31 | 
  32 | ## winio
  33 | 
  34 | -  https://github.com/Jehoash/WinIO3.0
  35 | 
  36 | ## dkom
  37 | 
  38 | -  https://blog.csdn.net/zhuhuibeishadiao/article/details/51136650 (get process full path name)
  39 | -  https://bbs.pediy.com/thread-96427.htm (modify process image name)
  40 | -  https://github.com/ZhuHuiBeiShaDiao/PathModification
  41 | -  https://github.com/ZhuHuiBeiShaDiao/NewHideDriverEx
  42 | -  https://github.com/Sqdwr/HideDriver
  43 | -  https://github.com/nbqofficial/HideDriver
  44 | -  https://github.com/landhb/HideProcess
  45 | -  https://github.com/tfairane/DKOM
  46 | 
  47 | ## ssdt hook
  48 | 
  49 | -  https://github.com/Sqdwr/64-bits-inserthook
  50 | -  https://github.com/int0/ProcessIsolator
  51 | -  https://github.com/mrexodia/TitanHide (x64dbg Plugin)-(DragonQuestHero Suggest)
  52 | -  https://github.com/papadp/shd
  53 | -  https://github.com/bronzeMe/SSDT_Hook_x64
  54 | -  https://github.com/s18leoare/Hackshield-Driver-Bypass
  55 | -  https://github.com/sincoder/hidedir
  56 | -  https://github.com/wyrover/HKkernelDbg
  57 | -  https://github.com/CherryZY/Process_Protect_Module
  58 | -  https://github.com/weixu8/RegistryMonitor
  59 | -  https://github.com/nmgwddj/Learn-Windows-Drivers
  60 |     
  61 | ## eat/iat/object/irp/iat hook
  62 | 
  63 | -  https://github.com/m0n0ph1/IAT-Hooking-Revisited
  64 | -  https://github.com/xiaomagexiao/GameDll
  65 | -  https://github.com/HollyDi/Ring0Hook
  66 | -  https://github.com/mgeeky/prc_xchk
  67 | -  https://github.com/tinysec/iathook
  68 | 
  69 | ## inline hook
  70 | 
  71 | -  https://github.com/chinatiny/InlineHookLib (R3 & R0)
  72 | -  https://github.com/tongzeyu/HookSysenter
  73 | -  https://github.com/VideoCardGuy/HideProcessInTaskmgr
  74 | -  https://github.com/MalwareTech/FstHook
  75 | -  https://github.com/Menooker/FishHook
  76 | -  https://github.com/G-E-N-E-S-I-S/latebros
  77 | -  https://bbs.pediy.com/thread-214582.htm
  78 | 
  79 | ## inject technique
  80 | 
  81 | -  https://github.com/alex9191/Kernel-dll-injector (DllInjectFromKernel)
  82 | -  https://github.com/strivexjun/DriverInjectDll (MapInjectDll)
  83 | -  https://github.com/wbenny/keinject (ApcInjectFromKernel)
  84 | -  https://github.com/sud0loo/ProcessInjection
  85 | -  https://github.com/apriorit/SvcHostDemo
  86 | -  https://github.com/can1357/ThePerfectInjector
  87 | -  https://github.com/VideoCardGuy/X64Injector
  88 | -  https://github.com/papadp/reflective-injection-detection (InjectFromMemory)
  89 | -  https://github.com/psmitty7373/eif (InjectFromMemory)
  90 | -  https://github.com/rokups/ReflectiveLdr (InjectFromMemory)
  91 | -  https://github.com/BenjaminSoelberg/ReflectivePELoader (InjectFromMemory) 
  92 | -  https://github.com/NtRaiseHardError/Phage (InjectFromMemory)
  93 | -  https://github.com/dismantl/ImprovedReflectiveDLLInjection (InjectFromMemory)
  94 | -  https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher (InjectFromMemory)
  95 | -  https://github.com/amishsecurity/paythepony (InjectFromMemory)
  96 | -  https://github.com/deroko/activationcontexthook
  97 | -  https://github.com/ez8-co/yapi (Cross x86 & x64 injection)
  98 | -  https://github.com/georgenicolaou/HeavenInjector
  99 | -  https://github.com/tinysec/runwithdll
 100 | -  https://github.com/NtOpcode/NT-APC-Injector
 101 | -  https://github.com/caidongyun/WinCodeInjection
 102 | -  https://github.com/countercept/doublepulsar-usermode-injector
 103 | -  https://github.com/mq1n/DLLThreadInjectionDetector
 104 | -  https://github.com/hkhk366/Memory_Codes_Injection
 105 | -  https://github.com/chango77747/ShellCodeInjector_MsBuild
 106 | -  https://github.com/Zer0Mem0ry/ManualMap
 107 | -  https://github.com/secrary/InfectPE
 108 | -  https://github.com/zodiacon/DllInjectionWithThreadContext
 109 | -  https://github.com/NtOpcode/RtlCreateUserThread-DLL-Injection
 110 | -  https://github.com/hasherezade/chimera_loader
 111 | -  https://github.com/Ciantic/RemoteThreader
 112 | -  https://github.com/OlSut/Kinject-x64
 113 | -  https://github.com/tandasat/RemoteWriteMonitor
 114 | -  https://github.com/stormshield/Beholder-Win32
 115 | -  https://github.com/secrary/InjectProc
 116 | -  https://github.com/AzureGreen/InjectCollection
 117 | -  https://github.com/uItra/Injectora
 118 | -  https://github.com/rootm0s/Injectors
 119 | -  https://github.com/Spajed/processrefund
 120 | -  https://github.com/al-homedawy/InjecTOR
 121 | -  https://github.com/OlSut/Kinject-x64
 122 | -  https://github.com/stormshield/Beholder-Win32
 123 | -  https://github.com/yifiHeaven/MagicWall
 124 | 
 125 | ## anti autorun
 126 | 
 127 | -  https://github.com/analyst004/autorun
 128 | 
 129 | ## anti dll inject
 130 | 
 131 | -  https://github.com/analyst004/antinject
 132 | -  https://github.com/ExpLife/BotKiller
 133 | 
 134 | ## load Dll from memory
 135 | 
 136 | -  https://github.com/jnastarot/native_peloader
 137 | -  https://github.com/fancycode/MemoryModule
 138 | -  https://github.com/strivexjun/MemoryModulePP
 139 | 
 140 | ## Unpack dll load in runtime
 141 | 
 142 | -  https://github.com/1ce0ear/DllLoaderUnpacker
 143 | 
 144 | ## anti dll hijack
 145 | 
 146 | -  https://github.com/fortiguard-lion/anti-dll-hijacking
 147 | 
 148 | ## process hollowing
 149 | 
 150 | -  https://github.com/xfgryujk/InjectExe
 151 | -  https://github.com/m0n0ph1/Basic-File-Crypter
 152 | -  https://github.com/Spajed/processrefund
 153 | -  https://github.com/KernelMode/Process_Doppelganging
 154 | -  https://github.com/hasherezade/process_doppelganging
 155 | -  https://github.com/m0n0ph1/Process-Hollowing
 156 | -  https://github.com/KernelMode/RunPE-ProcessHollowing
 157 | -  https://github.com/KernelMode/RunPE_Detecter
 158 | 
 159 | ## pe loader
 160 | 
 161 | -  https://github.com/FrankStain/pe-loader
 162 | -  https://github.com/VideoCardGuy/PELoader
 163 | 
 164 | ## dll to shellcode
 165 | 
 166 | -  https://github.com/w1nds/dll2shellcode
 167 | 
 168 | ## hide process
 169 | 
 170 | -  https://github.com/M00nRise/ProcessHider
 171 | 
 172 | ## hide & delete dll
 173 | 
 174 | -  https://github.com/wyyqyl/HideModule
 175 | 
 176 | ## load driver from memory
 177 | 
 178 | -  https://github.com/ZhuHuiBeiShaDiao/DriverMaper
 179 | -  https://github.com/9176324/KernelMemoryModule (Enable Exception)
 180 | -  https://github.com/not-wlan/driver-hijack
 181 | -  https://github.com/Professor-plum/Reflective-Driver-Loader
 182 | 
 183 | ## hook engine
 184 | 
 185 | -  https://github.com/Synestraa/ArchUltimate.HookLib
 186 | -  https://github.com/DominicTobias/detourxs
 187 | -  https://github.com/Ilyatk/HookEngine
 188 | -  https://github.com/zyantific/zyan-hook-engine
 189 | -  https://github.com/martona/mhook
 190 | -  https://github.com/EasyHook/EasyHook
 191 | -  https://github.com/RelicOfTesla/Detours
 192 | 
 193 | ## callback
 194 | 
 195 | -  https://github.com/Sqdwr/RemoveCallBacks
 196 | -  https://github.com/JKornev/hidden
 197 | -  https://github.com/binbibi/CallbackEx
 198 | -  https://github.com/swwwolf/cbtest
 199 | -  https://github.com/nmgwddj/Learn-Windows-Drivers
 200 | -  https://github.com/SamLarenN/CallbackDisabler
 201 | 
 202 | ## minifilter
 203 | 
 204 | -  https://github.com/NtRaiseHardError/Anti-Delete (File anti delete)
 205 | -  https://github.com/Randomize163/FSDefender
 206 | -  https://github.com/ETEFS/ETEFS_Mini
 207 | -  https://github.com/gfleury/ProtegeDados_ProjetoFinal
 208 | -  https://github.com/denisvieriu/Portable-Executable-Minifilter-Driver
 209 | -  https://github.com/surajfale/passthrough-minifilter-driver
 210 | -  https://github.com/louk78/Virgo
 211 | -  https://github.com/tandasat/Scavenger
 212 | -  https://github.com/dubeyprateek/HideFiles
 213 | -  https://github.com/aleksk/LazyCopy
 214 | -  https://github.com/guidoreina/minivers
 215 | -  https://github.com/idkwim/mfd
 216 | -  https://github.com/Coxious/Antinvader
 217 | -  https://github.com/tandasat/Scavenger
 218 | -  https://github.com/fishfly/X70FSD
 219 | -  https://github.com/ExpLife/BKAV.Filter
 220 | 
 221 | ## virtual disk
 222 | 
 223 | -  https://github.com/zhaozhongshu/winvblock_vs
 224 | -  https://github.com/yogendersolanki91/Kernel-Driver-Example
 225 | 
 226 | ## virtual file system
 227 | 
 228 | -  https://github.com/ExpLife/CodeUMVFS
 229 | -  https://github.com/yogendersolanki91/ProcessFileSystem
 230 | -  https://github.com/BenjaminKim/dokanx
 231 | 
 232 | ## lpc
 233 | 
 234 | -  https://github.com/avalon1610/LPC
 235 | 
 236 | ## alpc
 237 | 
 238 | -  https://github.com/avalon1610/ALPC
 239 | 
 240 | ## lsp
 241 | 
 242 | -  https://github.com/AnwarMohamed/Packetyzer
 243 | 
 244 | ## afd
 245 |  
 246 | -  https://github.com/xiaomagexiao/GameDll 
 247 | -  https://github.com/DeDf/afd
 248 | -  https://github.com/a252293079/NProxy
 249 | 
 250 | ## tdi
 251 | 
 252 | -  https://github.com/xue-blood/adfilter
 253 | -  https://github.com/alex9191/NetDriver (send & receive HTTP requests)
 254 | -  https://github.com/alex9191/ZeroBank-ring0-bundle
 255 | -  https://github.com/Sha0/winvblock
 256 | -  https://github.com/michael4338/TDI
 257 | -  https://github.com/cullengao/tdi_monitor
 258 | -  https://github.com/uniking/TDI-Demo
 259 | -  https://github.com/codereba/netmon
 260 | 
 261 | ## wfp
 262 | 
 263 | -  https://github.com/mullvad/libwfp
 264 | -  https://github.com/gifur/NetworkMnt
 265 | -  https://github.com/ss-abramchuk/OpenVPNAdapter/blob/f016614ed3dec30672e4f1821344b7992825a98d/OpenVPN%20Adapter/Vendors/openvpn/openvpn/tun/win/wfp.hpp
 266 | -  https://github.com/itari/vapu
 267 | -  https://github.com/basil00/Divert
 268 | -  https://github.com/WPO-Foundation/win-shaper
 269 | -  https://github.com/raymon-tian/WFPFirewall
 270 | -  https://github.com/killbug2004/HashFilter
 271 | -  https://github.com/henrypp/simplewall
 272 | -  https://docs.microsoft.com/zh-cn/windows-hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp
 273 | -  https://github.com/thecybermind/ipredir
 274 | 
 275 | ## ndis
 276 | 
 277 | -  https://github.com/pr0v3rbs/MalSiteBlocker
 278 | -  https://github.com/Beamer-LB/netmap/tree/stable/WINDOWS
 279 | -  https://github.com/ndemarinis/ovs/tree/22a1ba42f8137cd3532b54880b19b51d4b87440d/datapath-windows/ovsext
 280 | -  https://github.com/markjandrews/CodeMachineCourse/tree/5473d4ea808791c2a048f2c8c9c86f011a6da5e8/source/kerrkt.labs/labs/NdisLwf
 281 | -  https://github.com/openthread/openthread/tree/master/examples/drivers/windows
 282 | -  https://github.com/Hartigan/Firewall
 283 | -  https://github.com/zy520321/ndis-filter
 284 | -  https://github.com/yuanmaomao/NDIS_Firewall
 285 | -  https://github.com/SoftEtherVPN/Win10Pcap
 286 | -  https://github.com/IsoGrid/NdisProtocol
 287 | -  https://github.com/lcxl/lcxl-net-loader
 288 | -  https://www.ntkernel.com/windows-packet-filter/
 289 | -  https://github.com/michael4338/NDIS
 290 | -  https://github.com/IAmAnubhavSaini/ndislwf
 291 | -  https://github.com/OpenVPN/tap-windows6
 292 | -  https://github.com/SageAxcess/pcap-ndis6
 293 | -  https://github.com/uniking/NDIS-Demo
 294 | -  https://github.com/mkdym/NDISDriverInst
 295 | -  https://github.com/debugfan/packetprot
 296 | -  https://github.com/Iamgublin/NDIS6.30-NetMonitor
 297 | -  https://github.com/nmap/npcap
 298 | -  https://github.com/Ltangjian/FireWall
 299 | -  https://github.com/Microsoft/Windows-driver-samples/tree/master/network/config/bindview
 300 | -  https://github.com/brorica/http_inject (winpcap)
 301 | 
 302 | ## wsk
 303 | 
 304 | -  https://github.com/reinhardvz/wsk
 305 | -  https://github.com/akayn/kbMon
 306 | -  https://github.com/02strich/audionet
 307 | -  https://github.com/mestefy/securityplus
 308 | -  https://github.com/skycipher/CNGProvider
 309 | 
 310 | ## rootkits
 311 | 
 312 | -  https://github.com/Psychotropos/xhunter1_privesc (XIGNCODE3)
 313 | -  https://github.com/ionescu007/r0ak (RWE)
 314 | -  https://github.com/cyberweapons/cyberweapons
 315 | -  https://github.com/huoji120/AV-Killer
 316 | -  https://github.com/Sqdwr/DeleteFile
 317 | -  https://github.com/Sqdwr/DeleteFileByCreateIrp
 318 | -  https://github.com/Mattiwatti/PPLKiller
 319 | -  https://github.com/bfosterjr/ci_mod
 320 | -  https://github.com/HoShiMin/EnjoyTheRing0
 321 | -  https://github.com/hfiref0x/ZeroAccess
 322 | -  https://github.com/hackedteam/driver-win32
 323 | -  https://github.com/hackedteam/driver-win64
 324 | -  https://github.com/csurage/Rootkit
 325 | -  https://github.com/bowlofstew/rootkit.com
 326 | -  https://github.com/Nervous/GreenKit-Rootkit
 327 | -  https://github.com/bytecode-77/r77-rootkit
 328 | -  https://github.com/Cr4sh/WindowsRegistryRootkit
 329 | -  https://github.com/Alifcccccc/Windows-Rootkits
 330 | -  https://github.com/Schnocker/NoEye
 331 | -  https://github.com/christian-roggia/open-myrtus
 332 | -  https://github.com/Cr4sh/DrvHide-PoC
 333 | -  https://github.com/mstefanowich/SquiddlyDiddly2
 334 | -  https://github.com/MalwareTech/FakeMBR
 335 | -  https://github.com/Cr4sh/PTBypass-PoC
 336 | -  https://github.com/psaneme/Kung-Fu-Malware
 337 | -  https://github.com/hasherezade/persistence_demos
 338 | -  https://github.com/MinhasKamal/TrojanCockroach
 339 | -  https://github.com/akayn/kbMon
 340 | 
 341 | ## mbr
 342 | 
 343 | -  https://github.com/Cisco-Talos/MBRFilter
 344 | 
 345 | ## bootkits
 346 | 
 347 | -  https://github.com/DeviceObject/rk2017
 348 | -  https://github.com/DeviceObject/ChangeDiskSector
 349 | -  https://github.com/DeviceObject/Uefi_HelloWorld
 350 | -  https://github.com/DeviceObject/ShitDrv
 351 | -  https://github.com/DeviceObject/DarkCloud
 352 | -  https://github.com/nyx0/Rovnix
 353 | -  https://github.com/MalwareTech/TinyXPB
 354 | -  https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit
 355 | -  https://github.com/NextSecurity/Gozi-MBR-rootkit
 356 | -  https://github.com/NextSecurity/vector-edk
 357 | -  https://github.com/ahixon/booty
 358 | 
 359 | ## uefi/smm
 360 | 
 361 | -  https://github.com/DeviceObject/Uefi_HelloWorld
 362 | -  https://github.com/LongSoft/UEFITool
 363 | -  https://github.com/dude719/UEFI-Bootkit
 364 | -  https://github.com/quarkslab/dreamboot
 365 | -  https://github.com/gyje/BIOS_Rootkit
 366 | -  https://github.com/scumjr/the-sea-watcher
 367 | -  https://github.com/zhuyue1314/stoned-UEFI-bootkit
 368 | -  https://github.com/hackedteam/vector-edk
 369 | -  https://github.com/Cr4sh/SmmBackdoor
 370 | -  https://github.com/Cr4sh/PeiBackdoor
 371 | -  https://github.com/Cr4sh/fwexpl
 372 | 
 373 | ## bootloader
 374 | 
 375 | -  https://github.com/apriorit/custom-bootloader
 376 | 
 377 | ## smc
 378 | 
 379 | -  https://github.com/marcusbotacin/Self-Modifying-Code
 380 | 
 381 | ## anti debug
 382 | 
 383 | -  https://github.com/strivexjun/XAntiDebug
 384 | -  https://github.com/marcusbotacin/Anti.Analysis
 385 | -  https://github.com/LordNoteworthy/al-khaser
 386 | -  https://github.com/eschweiler/ProReversing
 387 | 
 388 | ## crypters
 389 | 
 390 | -  https://github.com/m0n0ph1/FileCrypter
 391 | -  https://github.com/iGh0st/Crypters
 392 | 
 393 | ## malware
 394 | 
 395 | -  https://github.com/lianglixin/RemoteControl-X3
 396 | -  https://github.com/Souhardya/UBoat (HTTP)
 397 | -  https://github.com/malwares/Botnet
 398 | -  https://github.com/RafaelGSS/HyzMall
 399 | -  https://github.com/DeadNumbers/Pegasus
 400 | -  https://github.com/mdsecactivebreach/SharpShooter
 401 | -  https://github.com/mwsrc/XtremeRAT
 402 | -  https://github.com/mwsrc/Schwarze-Sonne-RAT (delphi)
 403 | -  https://github.com/Mr-Un1k0d3r/ThunderShell (powershell)
 404 | -  https://github.com/DimChris0/LoRa
 405 | -  https://github.com/marcusbotacin/Malware.Multicore
 406 | -  https://github.com/bxlcity/malware
 407 | -  https://github.com/grcasanova/SuperVirus
 408 | -  https://github.com/hackedteam/core-win32
 409 | -  https://github.com/hackedteam/scout-win
 410 | -  https://github.com/hackedteam/vector-dropper
 411 | 
 412 | ## EternalBlue && Doublepulsar && Mine
 413 | 
 414 | -  https://github.com/xmrig/xmrig
 415 | -  https://github.com/TolgaSEZER/EternalPulse 
 416 | 
 417 | ## malware analysis
 418 | 
 419 | -  https://github.com/ctxis/capemon
 420 | -  https://github.com/kevthehermit/RATDecoders
 421 | -  https://github.com/marcusbotacin/Malware.Variants
 422 | -  https://github.com/marcusbotacin/Hardware-Assisted-AV
 423 | -  https://github.com/gentilkiwi/spectre_meltdown
 424 | -  https://github.com/gentilkiwi/wanadecrypt
 425 | -  https://github.com/bloomer1016
 426 | -  https://github.com/CHEF-KOCH/malware-research
 427 | -  https://github.com/gentilkiwi/wanakiwi
 428 | 
 429 | ## arktools
 430 | 
 431 | -  https://github.com/alex9191/KernelModeMonitor
 432 | -  https://github.com/marcosd4h/memhunter
 433 | -  https://github.com/gleeda/memtriage
 434 | -  https://github.com/KernelMode/Process_Dop
 435 | -  https://github.com/hm200958/kmdf--analyse
 436 | -  https://github.com/AzureGreen/WinNT-Learning
 437 | -  https://github.com/marcusbotacin/BranchMonitoringProject
 438 | -  https://github.com/AzureGreen/ArkProtect
 439 | -  https://github.com/AzureGreen/ArkToolDrv
 440 | -  https://github.com/HollyDi/PCAssistant
 441 | -  https://github.com/ChengChengCC/Ark-tools
 442 | -  https://github.com/swatkat/arkitlib
 443 | -  https://github.com/swwwolf/wdbgark
 444 | -  https://github.com/zibility/Anti-Rootkits
 445 | -  https://github.com/SLAUC91/AntiCheat
 446 | -  https://github.com/sincoder/A-Protect
 447 | -  https://github.com/apriorit/antirootkit-anti-splicer
 448 | -  https://github.com/kedebug/ScDetective
 449 | -  https://github.com/PKRoma/ProcessHacker
 450 | -  https://github.com/AndreyBazhan/DbgExt
 451 | -  https://github.com/comaeio/SwishDbgExt
 452 | -  https://github.com/ExpLife/atomic-red-team
 453 | -  https://github.com/shenghe/pcmanager
 454 | -  https://github.com/lj1987new/guardlite
 455 | -  https://github.com/hackshields/antivirus/
 456 | -  https://github.com/AntiRootkit/BDArkit
 457 | 
 458 | ## bypass patchguard
 459 | 
 460 | -  https://github.com/hfiref0x/UPGDSED
 461 | -  https://github.com/tandasat/PgResarch
 462 | -  https://github.com/killvxk/DisableWin10PatchguardPoc
 463 | -  https://github.com/tandasat/findpg
 464 | -  https://github.com/zer0mem/HowToBoostPatchGuard
 465 | -  https://bbs.pediy.com/thread-214582.htm
 466 | 
 467 | ## bypass dse
 468 | 
 469 | -  https://github.com/hfiref0x/TDL
 470 | -  https://github.com/hfiref0x/DSEFix
 471 | 
 472 | ## HackSysExtremeVulnerableDriver
 473 | 
 474 | -  https://github.com/mgeeky/HEVD_Kernel_Exploit
 475 | -  https://www.fuzzysecurity.com/tutorials.html
 476 | -  https://rootkits.xyz/blog/
 477 | -  https://github.com/hacksysteam/HackSysExtremeVulnerableDriver
 478 | -  https://github.com/k0keoyo/HEVD-Double-Free-PoC
 479 | -  https://github.com/k0keoyo/HEVD-Arbitrary-Overwrite-Exploit-Win10-rs3
 480 | -  https://github.com/tekwizz123/HEVD-Exploit-Solutions
 481 | -  https://github.com/k0keoyo/try_exploit
 482 | -  https://github.com/Cn33liz/HSEVD-VariousExploits
 483 | -  https://github.com/Cn33liz/HSEVD-StackOverflow
 484 | -  https://github.com/Cn33liz/HSEVD-StackOverflowX64
 485 | -  https://github.com/Cn33liz/HSEVD-StackCookieBypass
 486 | -  https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteGDI
 487 | -  https://github.com/Cn33liz/HSEVD-StackOverflowGDI
 488 | -  https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL
 489 | -  https://github.com/Cn33liz/HSEVD-ArbitraryOverwrite
 490 | -  https://github.com/akayn/demos
 491 | 
 492 | ## windows kernel exploits
 493 | 
 494 | -  https://github.com/SandboxEscaper/randomrepo (win10 LPE)
 495 | -  https://github.com/jackson5-sec/TaskSchedLPE (LPE)
 496 | -  https://github.com/HarsaroopDhillon/AHNLab-0day(LPE)
 497 | -  https://github.com/paranoidninja/Pandoras-Box
 498 | -  https://github.com/MarkHC/HandleMaster
 499 | -  https://github.com/can1357/physical_mem_controller
 500 | -  https://github.com/can1357/safe_capcom
 501 | -  https://github.com/can1357/CVE-2018-8897
 502 | -  https://github.com/JeremyFetiveau/Exploits
 503 | -  https://github.com/hfiref0x/Stryker
 504 | -  https://github.com/swwwolf/obderef
 505 | -  https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
 506 | -  https://github.com/cbayet/PoolSprayer
 507 | -  https://github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC
 508 | -  https://github.com/k0keoyo/Driver-Loaded-PoC
 509 | -  https://github.com/k0keoyo/try_exploit
 510 | -  https://github.com/k0keoyo/CVE-2015-2546-Exploit
 511 | -  https://github.com/k0keoyo/Dark_Composition_case_study_Integer_Overflow
 512 | -  https://github.com/tinysec/vulnerability
 513 | -  https://github.com/akayn/demos
 514 | -  https://github.com/abatchy17/WindowsExploits
 515 | -  https://github.com/recodeking/WindowsExploitation
 516 | -  https://github.com/GDSSecurity/Windows-Exploit-Suggester
 517 | -  https://github.com/rwfpl/rewolf-pcausa-exploit
 518 | -  https://github.com/ratty3697/HackSpy-Trojan-Exploit
 519 | -  https://github.com/SecWiki/windows-kernel-exploits
 520 | -  https://github.com/sensepost/ms16-098
 521 | -  https://github.com/shjalayeri/sysret
 522 | -  https://github.com/sam-b/windows_kernel_resources
 523 | -  https://github.com/sensepost/gdi-palettes-exp
 524 | -  https://github.com/ExpLife/ByPassCfg
 525 | -  https://github.com/Rootkitsmm/WinIo-Vidix
 526 | -  https://github.com/andrewkabai/vulnwindrv
 527 | -  https://github.com/mwrlabs/CVE-2016-7255
 528 | -  https://github.com/MarkHC/HandleMaster
 529 | -  https://github.com/SamLarenN/CapcomDKOM
 530 | -  https://github.com/zerosum0x0/puppetstrings
 531 | -  https://github.com/zerosum0x0/ShellcodeDriver
 532 | -  https://github.com/Rootkitsmm/WinIo-Vidix
 533 | -  https://github.com/progmboy/kernel_vul_poc
 534 | -  https://github.com/rwfpl/rewolf-msi-exploit
 535 | -  https://github.com/rwfpl/rewolf-pcausa-exploit
 536 | -  https://github.com/Rootkitsmm/Win10Pcap-Exploit
 537 | -  https://github.com/Rootkitsmm/MS15-061
 538 | -  https://github.com/Rootkitsmm/cve-2016-0040
 539 | -  https://github.com/Rootkitsmm/CVEXX-XX
 540 | -  https://github.com/sensepost/ms16-098
 541 | -  https://github.com/Trietptm-on-Security/bug-free-adventure
 542 | -  https://github.com/sam-b/CVE-2014-4113
 543 | -  https://github.com/Rootkitsmm/OpenVpn-Pool-Overflow
 544 | -  https://github.com/Rootkitsmm/UnThreatAVDriver-DOS
 545 | -  https://github.com/Cr4sh/ThinkPwn
 546 | -  https://github.com/hfiref0x/CVE-2015-1701
 547 | -  https://github.com/tyranid/windows-logical-eop-workshop
 548 | -  https://github.com/google/sandbox-attacksurface-analysis-tools
 549 | -  https://github.com/tyranid/ExploitRemotingService
 550 | -  https://github.com/tyranid/DeviceGuardBypasses
 551 | -  https://github.com/tyranid/ExploitDotNetDCOM
 552 | -  https://github.com/hatRiot/token-priv(EOP)
 553 | -  https://github.com/weizn11/MS17010_AllInOne
 554 | -  https://github.com/TeskeVirtualSystem/MS17010Test
 555 | 
 556 | ## LPE
 557 | 
 558 | -  https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897
 559 | -  https://github.com/codewhitesec/UnmarshalPwn
 560 | -  https://ohpe.github.io/juicy-potato/
 561 | 
 562 | ## office exploit
 563 | 
 564 | -  https://github.com/rxwx/CVE-2017-8570
 565 | 
 566 | ## flash exploit
 567 | 
 568 | -  https://github.com/brianwrf/CVE-2017-4878-Samples
 569 | 
 570 | ## sandbox
 571 | 
 572 | -  https://github.com/taiFansou/Proteibox
 573 | 
 574 | ## sandbox escape
 575 | 
 576 | -  https://github.com/SilverMoonSecurity/SandboxEvasion
 577 | -  https://github.com/exAphex/SandboxEscape
 578 | -  https://github.com/Fel0ny/Sandbox-Detection
 579 | -  https://github.com/CheckPointSW/InviZzzible
 580 | -  https://github.com/MalwareTech/AppContainerSandbox
 581 | -  https://github.com/tyranid/IE11SandboxEscapes
 582 | -  https://github.com/649/Chrome-Sandbox-Exploit
 583 | -  https://github.com/google/sandbox-attacksurface-analysis-tools
 584 | -  https://github.com/conix-security/zer0m0n
 585 | -  https://github.com/iceb0y/windows-container
 586 | -  https://github.com/s7ephen/SandKit
 587 | -  https://github.com/D4Vinci/Dr0p1t-Framework
 588 | -  https://github.com/cryptolok/MorphAES
 589 | -  https://github.com/mtalbi/vm_escape
 590 | -  https://github.com/unamer/vmware_escape
 591 | -  https://github.com/erezto/lua-sandbox-escape
 592 | -  https://github.com/brownbelt/Edge-sandbox-escape
 593 | -  https://github.com/shakenetwork/vmware_escape
 594 | -  https://github.com/Cr4sh/prl_guest_to_host
 595 | 
 596 | ## anti exploit
 597 | 
 598 | -  https://github.com/Empier/Anti-Exploit
 599 | 
 600 | ## cve
 601 | 
 602 | -  https://github.com/LiuCan01/cve-list-pro
 603 | -  https://github.com/CVEProject/cvelist
 604 | 
 605 | ## hips
 606 | 
 607 | -  https://github.com/zareprj/JAV-AV-Engine
 608 | -  https://github.com/0xdabbad00/OpenHIPS
 609 | -  https://github.com/ExpLife/Norton_AntiVirus_SourceCode
 610 | -  https://github.com/majian55555/MJAntiVirusEngine
 611 | -  https://github.com/develbranch/TinyAntivirus
 612 | -  https://github.com/tandasat/EopMon
 613 | -  https://github.com/tandasat/MemoryMon
 614 | 
 615 | ## windows hypervisor 
 616 | 
 617 | -  https://github.com/StrikerX3/whvpclient
 618 | 
 619 | ## vt
 620 | 
 621 | -  https://github.com/wbenny/hvpp
 622 | -  https://github.com/Sqdwr/Multi_CPU_VtBase
 623 | -  https://github.com/marche147/IoctlMon
 624 | -  https://github.com/ionescu007/SimpleVisor
 625 | -  https://github.com/zer0mem/MiniHyperVisorProject
 626 | -  https://github.com/zer0mem/ShowMeYourGongFu
 627 | -  https://github.com/zer0mem/HyperVisor
 628 | -  https://github.com/marche147/SimpleVT
 629 | -  https://github.com/DarthTon/HyperBone
 630 | -  https://github.com/nick-kvmhv/splittlb
 631 | -  https://github.com/zareprj/Vmx_Prj
 632 | -  https://github.com/ZhuHuiBeiShaDiao/MiniVTx64
 633 | -  https://github.com/tandasat/HyperPlatform
 634 | -  https://github.com/hzqst/Syscall-Monitor
 635 | -  https://github.com/asamy/ksm
 636 | -  https://github.com/in12hacker/VT_64_EPT
 637 | -  https://github.com/ZhuHuiBeiShaDiao/PFHook
 638 | -  https://github.com/tandasat/FU_Hypervisor
 639 | -  https://github.com/tandasat/DdiMon
 640 | -  https://github.com/tandasat/GuardMon
 641 | -  https://github.com/yqsy/VT_demo
 642 | -  https://github.com/OkazakiNagisa/VTbasedDebuggerWin7
 643 | -  https://github.com/Ouroboros/JuusanKoubou
 644 | -  https://github.com/aaa1616/Hypervisor
 645 | -  https://github.com/Nukem9/VirtualDbg
 646 | -  https://github.com/Nukem9/VirtualDbgHide
 647 | -  https://github.com/cheat-engine/cheat-engine
 648 | -  https://github.com/Kelvinhack/kHypervisor
 649 | 
 650 | ## fuzzer
 651 | 
 652 | -  https://github.com/bee13oy/AV_Kernel_Vulns/tree/master/Zer0Con2017
 653 | -  https://github.com/k0keoyo/kDriver-Fuzzer (Paper:https://whereisk0shl.top/post/2018-01-30)
 654 | -  https://github.com/koutto/ioctlbf
 655 | -  https://github.com/Cr4sh/ioctlfuzzer
 656 | -  https://github.com/Cr4sh/MsFontsFuzz
 657 | -  https://github.com/hfiref0x/NtCall64
 658 | -  https://github.com/Rootkitsmm/Win32k-Fuzzer
 659 | -  https://github.com/mwrlabs/KernelFuzzer
 660 | -  https://github.com/SignalSEC/kirlangic-ttf-fuzzer
 661 | -  https://github.com/demi6od/Smashing_The_Browser
 662 | -  https://github.com/marche147/IoctlMon
 663 | -  https://github.com/k0keoyo/Some-Kernel-Fuzzing-Paper
 664 | 
 665 | ## emet
 666 | 
 667 | -  https://github.com/codingtest/EMET
 668 | 
 669 | ## hotpatch
 670 | 
 671 | -  https://github.com/codingtest/windows_hotpatch
 672 | 
 673 | ## memory hack
 674 | 
 675 | -  https://github.com/Empier/MemoryEditor
 676 | 
 677 | ## game hack
 678 | 
 679 | -  https://github.com/daswareinfach/Battleye-VAC-EAC-Kernel-Bypass (BattlEye)
 680 | -  https://blog.his.cat/a/fuck_battleye.cat (BattlEye)
 681 | -  https://github.com/Tai7sy/BE_Fuck (Battleye)
 682 | -  https://github.com/Synestraa/Highcall-Library
 683 | -  https://github.com/cheat-engine/cheat-engine
 684 | -  https://github.com/DreamHacks/dreamdota
 685 | -  https://github.com/yoie/NGPlug-in
 686 | -  https://github.com/DevelopKits/proj
 687 | -  https://github.com/VideoCardGuy/ExpTool_GUI
 688 | -  https://github.com/VideoCardGuy/Zhihu_SimpleLog
 689 | -  https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
 690 | -  https://github.com/VideoCardGuy/Tetris
 691 | -  https://github.com/VideoCardGuy/YuGiOh
 692 | -  https://github.com/VideoCardGuy/SnakeAI
 693 | -  https://github.com/VideoCardGuy/gitAsktao
 694 | -  https://github.com/VideoCardGuy/War3Cheat
 695 | -  https://github.com/VideoCardGuy/AStar_Study
 696 | -  https://github.com/VideoCardGuy/BnsChina_SetSpeed
 697 | -  https://github.com/VideoCardGuy/LOLProjects
 698 | -  https://github.com/VideoCardGuy/NewYuGiOh_CheatDLL_x64
 699 | -  https://github.com/VideoCardGuy/PictureMatchGame
 700 | -  https://github.com/VideoCardGuy/AutoLoginByBnsChina
 701 | -  https://github.com/VideoCardGuy/MemoryWatchTool
 702 | -  https://github.com/VideoCardGuy/LOL_China
 703 | -  https://github.com/mlghuskie/NoBastian
 704 | -  https://github.com/G-E-N-E-S-I-S/BattlegroundsChams
 705 | -  https://github.com/luciouskami/XignCode3Bypass
 706 | -  https://github.com/luciouskami/CS-GO-Simple-Hack
 707 | -  https://github.com/luciouskami/load-self-mix
 708 | -  https://github.com/Karaulov/WarcraftIII_DLL_126-127
 709 | -  https://github.com/TonyZesto/PubgPrivXcode85
 710 | -  https://github.com/luciouskami/gameguard-for-war3
 711 | -  https://github.com/PopcornEgg/LOLChangeSkin
 712 | -  https://github.com/ValveSoftware/ToGL
 713 | -  https://github.com/Karaulov/War3-SizeLimit-Bypass
 714 | -  https://github.com/F7eak/Xenon
 715 | -  https://github.com/syj2010syj/All-Star-Battle-2
 716 | 
 717 | ## anti cheat
 718 | 
 719 | -  https://github.com/SagaanTheEpic/Sagaan-AntiCheat-V2.0
 720 | -  https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-Module-
 721 | -  https://github.com/SagaanTheEpic/SAC-Anti-Debug
 722 | -  https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-ModuleThread
 723 | -  https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-OverlayDetector-
 724 | -  https://github.com/SagaanTheEpic/Mega-Bypasss
 725 | -  https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-UserMode-
 726 | -  https://github.com/SagaanTheEpic/SAC-Sagaan-AntiCheat-Driver-
 727 | -  https://github.com/SagaanTheEpic/SagaanTheEpic-Millin-Hack-SMH-Kernel
 728 | -  https://github.com/SagaanTheEpic/LSASS-Usermode-Bypass
 729 | -  https://github.com/SagaanTheEpic/KernelMode-Bypass
 730 | -  https://github.com/chinatiny/GameAntiCheat
 731 | -  https://github.com/jnastarot/anti-cheat
 732 | -  https://github.com/jnastarot/ice9
 733 | 
 734 | ## software reverse
 735 | 
 736 | -  https://github.com/stonedreamforest/re_avkmgr 
 737 | -  https://github.com/stonedreamforest/re_sysdiag
 738 | 
 739 | ## pe protector
 740 | 
 741 | -  https://github.com/jnastarot/furikuri
 742 | 
 743 | ## unpacker
 744 | 
 745 | -  http://n10info.blogspot.com/2018/03/xvolkolak-010.html
 746 | 
 747 | ## symbolic execution
 748 | 
 749 | -  https://github.com/illera88/Ponce
 750 | -  https://github.com/gaasedelen/lighthouse
 751 | 
 752 | ## deobfuscation
 753 | 
 754 | -  https://github.com/mmyydd/relative-pattern
 755 | -  https://github.com/SCUBSRGroup/OLLVM_Deobfuscation
 756 | 
 757 | ## taint analyse
 758 | 
 759 | -  https://github.com/cea-sec/miasm (blackhat 2018)
 760 | -  https://bbs.pediy.com/thread-230299.htm 
 761 | -  https://bbs.pediy.com/thread-230105.htm
 762 | -  https://bbs.pediy.com/thread-226603.htm
 763 | -  https://bbs.pediy.com/thread-224353.htm
 764 | -  https://bbs.pediy.com/thread-223849.htm
 765 | -  https://github.com/airbus-seclab/bincat
 766 | -  https://github.com/SCUBSRGroup/Taint-Analyse
 767 | -  https://github.com/airbus-seclab/bincat
 768 | -  https://github.com/SCUBSRGroup/Taint-Analyse
 769 | -  https://github.com/piscou/FuzzWin
 770 | 
 771 | ## bin diff
 772 | 
 773 | -  https://www.zynamics.com/bindiff.html
 774 | -  https://github.com/joxeankoret/diaphora
 775 | -  https://github.com/ExpLife/binarydiffer
 776 | -  https://github.com/ExpLife/patchdiff2_ida6
 777 | -  https://github.com/ExpLife/patchdiff2
 778 | 
 779 | ## x64dbg plugin
 780 | 
 781 | -  https://github.com/ThunderCls/xAnalyzer
 782 | -  https://github.com/mrexodia/TitanHide
 783 | -  https://github.com/x64dbg/InterObfu
 784 | -  https://github.com/x64dbg/ScyllaHide
 785 | -  https://github.com/Nukem9/SwissArmyKnife
 786 | -  https://github.com/x64dbg/x64dbg/wiki/Plugins
 787 | 
 788 | ## live kernel debug
 789 | 
 790 | - https://samsclass.info/126/proj/p12-kernel-debug-win10.htm?tdsourcetag=s_pctim_aiomsg
 791 | - https://gds89.wordpress.com/2010/05/19/windows-7-x64-local-and-live-kernel-debugging/
 792 | 
 793 | ## windbg plugin
 794 | 
 795 | - https://codeday.me/bug/20171003/80216.html
 796 | - http://virtualkd.sysprogs.org/
 797 | - https://github.com/VincentSe/WatchTrees
 798 | 
 799 | ## ida script & plugin
 800 | 
 801 | -  https://github.com/RolfRolles/HexRaysDeob (deobfuscate)
 802 | -  https://github.com/icewall/BinDiffFilter
 803 | -  https://github.com/devttys0/ida/
 804 | -  https://github.com/dude719/SigMaker-x64 (pat2sig)
 805 | -  https://github.com/fireeye/flare-ida    (idb2pat)
 806 | -  https://zznop.github.io/bnida/
 807 | -  https://github.com/zyantific/IDASkins
 808 | -  https://github.com/eugeii/ida-consonance
 809 | -  https://github.com/mwrlabs/win_driver_plugin
 810 | -  https://github.com/igogo-x86/HexRaysPyTools
 811 | -  https://github.com/techbliss/Python_editor
 812 | -  https://github.com/tmr232/Sark
 813 | -  http://sark.readthedocs.io/en/latest/debugging.html
 814 | -  https://bbs.pediy.com/thread-224627.htm (wing debugging idapython script)
 815 | 
 816 | ## ida sig maker
 817 | 
 818 | -  https://blog.csdn.net/lixiangminghate/article/details/81352205
 819 | 
 820 | ## idapython
 821 | 
 822 | -  http://www.h4ck.org.cn/2011/07/ida-pe6-dll-unpack/
 823 | -  https://www.anquanke.com/post/id/151898
 824 | -  https://www.anquanke.com/post/id/85890
 825 | -  https://www.cnblogs.com/17bdw/p/7785469.html
 826 | -  https://4hou.win/wordpress/?cat=1178 (pin & ida)
 827 | -  https://wizardforcel.gitbooks.io/grey-hat-python/
 828 | -  http://spd.dropsec.xyz/2016/10/05/IDAPython%E5%AE%89%E8%A3%85/
 829 | -  http://spd.dropsec.xyz/2017/04/09/%E7%AC%A6%E5%8F%B7%E6%89%A7%E8%A1%8C-%E5%9F%BA%E4%BA%8Epython%E7%9A%84%E4%BA%8C%E8%BF%9B%E5%88%B6%E5%88%86%E6%9E%90%E6%A1%86%E6%9E%B6angr/
 830 | -  http://spd.dropsec.xyz/2016/10/16/IDAPython%E8%84%9A%E6%9C%AC%E4%B9%8B%E6%94%B6%E9%9B%86%E5%87%BD%E6%95%B0%E7%9A%84%E8%B0%83%E7%94%A8%E4%BF%A1%E6%81%AF/
 831 | -  http://www.freebuf.com/sectool/92107.html
 832 | -  http://www.freebuf.com/sectool/92168.html
 833 | -  http://www.freebuf.com/articles/system/92488.html
 834 | -  http://www.freebuf.com/articles/system/92505.html
 835 | -  http://www.freebuf.com/articles/system/93440.html
 836 | -  https://www.fortinet.com/blog/threat-research/rewriting-idapython-script-objc2-xrefs-helper-py-for-hopper.html
 837 | -  https://sark.readthedocs.io/en/latest/debugging.html
 838 | -  https://cartermgj.github.io/2017/10/10/ida-python/
 839 | -  https://security.tencent.com/index.php/blog/msg/4
 840 | -  https://wingware.com/doc/howtos/idapython
 841 | -  http://www.somersetrecon.com/blog/2018/7/6/introduction-to-idapython-for-vulnerability-hunting
 842 | -  http://0xeb.net/2018/02/writing-a-simple-x86-emulator-with-idapython/
 843 | -  http://0xeb.net/2018/02/writing-a-simple-x86-emulator-with-idapython/
 844 | -  https://resources.infosecinstitute.com/saving-time-effort-idapython/#gref
 845 | -  https://www.thezdi.com/blog/2018/5/21/mindshare-walking-the-windows-kernel-with-ida-python
 846 | -  https://www.thezdi.com/blog/2018/7/19/mindshare-an-introduction-to-pykd
 847 | -  https://www.thezdi.com/blog/2018/6/26/mindshare-variant-hunting-with-ida-python
 848 | -  http://www.mopsled.com/2016/add-shortcut-for-idapython-script-ida-pro/
 849 | -  http://blog.sina.com.cn/s/blog_9f5e368a0102wnmm.html
 850 | -  https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/
 851 | -  https://www.pydoc.io/pypi/python-idb-0.4.0/autoapi/analysis/index.html
 852 | -  https://securityxploded.com/api-call-tracing-with-pefile-pydbg-and-idapython.php
 853 | -  https://www.cnblogs.com/0xJDchen/p/7527236.html
 854 | -  http://www.williballenthin.com/blog/2015/09/04/idapython-synchronization-decorator/
 855 | -  https://www.fireeye.com/blog/threat-research/2015/01/flare_ida_pro_script.html
 856 | -  https://bbs.pediy.com/thread-226983.htm
 857 | -  https://www.trustwave.com/Resources/SpiderLabs-Blog/Defeating-Flame-String-Obfuscation-with-IDAPython/
 858 | -  https://www.anquanke.com/post/id/151898
 859 | -  https://edoc.site/idapython-bookpdf-pdf-free.html
 860 | -  https://serializethoughts.com/tag/idapython/
 861 | -  https://exploiting.wordpress.com/2011/12/06/quickpost-idapython-script-to-identify-unrecognized-functions/
 862 | -  http://barbie.uta.edu/~xlren/Diaphora/diaphora_help.pdf
 863 | -  https://www.jianshu.com/p/ee789e8acb03
 864 | -  http://blog.51cto.com/watertoeast/2084700
 865 | -  http://blog.51cto.com/watertoeast/1352787
 866 | -  https://blog.clamav.net/2014/02/generating-clamav-signatures-with.html
 867 | -  https://www.mnin.org/write/2006_extract_xor.pdf
 868 | -  http://www.hexacorn.com/blog/2015/12/21/idapython-making-strings-decompiler-friendly/
 869 | -  http://standa-note.blogspot.com/2015/01/arm-exception-handling-and-idapython.html
 870 | -  http://codegist.net/code/idapython-script/
 871 | -  https://reverseengineering.stackexchange.com/questions/16055/idapython-get-xrefs-to-a-stack-variable
 872 | 
 873 | ## pykd
 874 | 
 875 | -  https://www.anquanke.com/post/id/86909
 876 | -  https://www.anquanke.com/post/id/86896
 877 | -  https://www.anquanke.com/post/id/83205
 878 | -  https://blog.csdn.net/jimoguilai/article/details/25286029
 879 | -  https://blog.csdn.net/jimoguilai/article/details/29827283
 880 | -  https://blog.csdn.net/jimoguilai/article/details/38122863
 881 | -  https://blog.csdn.net/linux_vae/article/details/77532758
 882 | -  https://blog.csdn.net/linux_vae/article/details/77532758
 883 | -  https://blog.csdn.net/ambihan/article/details/35775933
 884 | -  https://www.zerodayinitiative.com/blog/2018/7/19/mindshare-an-introduction-to-pykd
 885 | -  https://www.cnblogs.com/fanzi2009/archive/2012/12/10/2811543.html
 886 | -  https://cloud.tencent.com/developer/article/1005628
 887 | -  http://eternalsakura13.com/2018/07/03/firefox_env/
 888 | -  https://binvoke.com/inline-assembly-in-x64/
 889 | -  https://webstersprodigy.net/2014/01/06/soft-function-hooking-with-windbg-and-pykd/
 890 | -  https://rayanfam.com/topics/pykd-tutorial-part1/
 891 | -  https://rayanfam.com/topics/pykd-tutorial-part2/
 892 | -  https://labs.mwrinfosecurity.com/blog/heap-tracing-with-windbg-and-python/
 893 | -  http://www.miguelventura.pt/scripting-windbg-with-pykd.html
 894 | -  https://labs.nettitude.com/blog/windbg-using-pykd-to-dump-private-symbols/
 895 | -  https://webstersprodigy.net/2014/01/06/soft-function-hooking-with-windbg-and-pykd/
 896 | -  https://www.cnblogs.com/fanzi2009/archive/2012/12/10/2811543.html
 897 | -  http://www.freebuf.com/articles/system/103816.html
 898 | -  https://bbs.pediy.com/thread-224904.htm
 899 | -  http://theevilbit.blogspot.com/2017/09/pool-spraying-fun-part-1.html
 900 | -  http://theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-2.html
 901 | -  http://theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-3.html
 902 | -  http://theevilbit.blogspot.com/2017/09/windows-kernel-pool-spraying-fun-part-4.html
 903 | 
 904 | ## rpc
 905 | 
 906 | -  https://github.com/gentilkiwi/basic_rpc
 907 | 
 908 | ## hash dump
 909 | 
 910 | -  https://github.com/gentilkiwi/mimikatz
 911 | 
 912 | ##  auxiliary lib
 913 | 
 914 | -  https://github.com/David-Reguera-Garcia-Dreg/auxlib
 915 | 
 916 | ## ring3 nt api
 917 | 
 918 | -  https://github.com/Chuyu-Team/NativeLib
 919 | 
 920 | ## dll hijack
 921 | 
 922 | -  https://github.com/strivexjun/AheadLib-x86-x64
 923 | 
 924 | ## winpcap
 925 | 
 926 | -  https://github.com/klemenb/fiddly
 927 | -  http://blog.csdn.net/Ni9htMar3/article/details/54612394
 928 | -  https://www.cnblogs.com/xcj26/articles/6073411.html
 929 | -  http://www.freebuf.com/articles/system/103526.html
 930 | -  https://github.com/illahaha/zxarps (arpcheat)
 931 | -  https://github.com/sincoder/zxarps (arpcheat)
 932 | 
 933 | ## metasploit
 934 | 
 935 | -  https://github.com/ExpLife/metasploit-framework
 936 | -  https://github.com/NytroRST/NetRipper
 937 | -  https://github.com/breenmachine/RottenPotatoNG
 938 | 
 939 | ## shadow
 940 | 
 941 | -  https://github.com/lcxl/lcxl-shadow
 942 | 
 943 | ## http
 944 | 
 945 | -  https://github.com/OlehKulykov/libnhr
 946 | -  https://github.com/erickutcher/httpdownloader
 947 | 
 948 | ## https proxy
 949 | 
 950 | -  http://anyproxy.io/cn/
 951 | -  https://github.com/killbug2004/HttpsProxy
 952 | -  https://github.com/erickutcher/httpproxy
 953 | 
 954 | ## sock proxy
 955 | 
 956 | -  https://github.com/liulilittle/PaperAirplane
 957 | 
 958 | ## mitm
 959 | 
 960 | -  https://github.com/sipt/shuttle (GO)
 961 | -  https://github.com/conorpp/MiTM-HTTP-Proxy
 962 | -  https://github.com/moxie0/sslsniff
 963 | -  https://github.com/wuchangming/node-mitmproxy
 964 | -  https://github.com/hostilefork/flatworm
 965 | -  https://github.com/progtramder/webproxy
 966 | -  https://github.com/empijei/wapty
 967 | -  https://github.com/xxxxnnxxxx/HttpProxy
 968 | -  https://github.com/astibal/smithproxy
 969 | -  https://github.com/TechnikEmpire/CitadelCore
 970 | -  https://github.com/TechnikEmpire/HttpFilteringEngine
 971 | -  https://blog.csdn.net/kunyus/article/details/78679717
 972 | -  https://github.com/liuyufei/SSLKiller
 973 | -  http://blog.csdn.net/Tencent_Bugly/article/details/72626127
 974 | -  https://github.com/pfussell/pivotal
 975 | 
 976 | ## ssl
 977 | 
 978 | -  https://github.com/edwig/SSLSocket
 979 | 
 980 | ## json
 981 | 
 982 | -  https://github.com/marcusbotacin/MyJSON
 983 | 
 984 | ## awesome
 985 | 
 986 | -  https://github.com/Escapingbug/awesome-browser-exploit
 987 | -  https://github.com/CaledoniaProject/awesome-opensource-security
 988 | -  https://github.com/rshipp/awesome-malware-analysis
 989 | -  https://github.com/lmy375/awesome-vmp
 990 | -  https://github.com/ksluckow/awesome-symbolic-execution
 991 | -  https://github.com/szysec/ctftest
 992 | -  https://stackoverflow.com/questions/4946685/good-tutorial-for-windbg
 993 | -  https://github.com/rmusser01/Infosec_Reference
 994 | -  https://github.com/sam-b/windows_kernel_resources
 995 | -  https://github.com/EbookFoundation/free-programming-books
 996 | -  https://github.com/justjavac/free-programming-books-zh_CN
 997 | -  https://github.com/rmusser01/Infosec_Reference/
 998 | -  https://github.com/jshaw87/Cheatsheets
 999 | -  https://github.com/RPISEC/MBE
1000 | 
1001 | ## windows Driver Kit ddi (device driver interface) documentation
1002 | 
1003 | -  https://docs.microsoft.com/zh-cn/windows-hardware/drivers/ddi/
1004 | -  https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/windbg-scripting-preview
1005 | 
1006 | ## windbg preview & jsprovider
1007 | 
1008 | - https://bbs.pediy.com/thread-246449.htm
1009 | - http://doar-e.github.io/blog/2017/12/01/debugger-data-model/
1010 | 
1011 | ## anti-anti-vm
1012 | 
1013 | - https://github.com/hzqst/VmwareHardenedLoader
1014 | 
1015 | ## vm
1016 | 
1017 | -  https://github.com/tboox/vm86
1018 | 
1019 | ## tools
1020 | 
1021 | - http://bytepointer.com/tools/index.htm#peupdate
1022 | - https://github.com/endgameinc/xori (Dissasemblers blackhat 2018)
1023 | - http://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/
1024 | 
1025 | ## post-exploitation
1026 | 
1027 | - https://github.com/francisck/DanderSpritz_lab 
1028 | - https://github.com/francisck/DanderSpritz_docs
1029 | 
1030 | ## nsa security tools
1031 | 
1032 | -  https://github.com/exploitx3/FUZZBUNCH
1033 | -  https://github.com/fuzzbunch/fuzzbunch
1034 | -  https://github.com/peterpt/fuzzbunch
1035 | 
1036 | ## apt
1037 | 
1038 | -  https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
1039 | -  https://github.com/kbandla/APTnotes
1040 | -  https://attack.mitre.org/wiki/Groups
1041 | -  https://github.com/fdiskyou/threat-INTel
1042 | 
1043 | ## 3rd party library
1044 | 
1045 | -  https://github.com/kingsamchen/WinAntHttp
1046 | -  https://github.com/kingsamchen/KAdBlockEngine
1047 | -  https://github.com/kingsamchen/KLog
1048 | -  https://github.com/kingsamchen/Eureka
1049 | -  https://zh-cn.libreoffice.org/
1050 | -  https://github.com/GiovanniDicanio/WinReg
1051 | -  https://github.com/GiovanniDicanio/StopwatchWin32
1052 | -  https://github.com/Wintellect/ProcMonDebugOutput
1053 | -  https://github.com/GiovanniDicanio/ReadStringsFromRegistry
1054 | -  https://github.com/GiovanniDicanio/Utf8ConvAtlStl
1055 | -  https://github.com/GiovanniDicanio/StringPool
1056 | -  https://github.com/GiovanniDicanio/MapWithCaseInsensitiveStringKey
1057 | -  https://github.com/GiovanniDicanio/SafeArraySamples
1058 | -  https://github.com/GiovanniDicanio/TestSSO
1059 | -  https://github.com/GiovanniDicanio/DoubleNulTerminatedString
1060 | -  https://github.com/GiovanniDicanio/LoadingCedictBenchmarkCpp
1061 | -  https://github.com/GiovanniDicanio/TestStringSorting
1062 | -  https://github.com/GiovanniDicanio/UnicodeConversions
1063 | -  https://github.com/GiovanniDicanio/TestStringsAtlVsStl
1064 | -  https://github.com/GiovanniDicanio/UnicodeConversionAtl
1065 | -  https://github.com/GiovanniDicanio/StlVectorVsListPerformance
1066 | 
1067 | ## rpc
1068 | 
1069 | -  https://github.com/muxq/hellorpc
1070 | 
1071 | ## miscellaneous
1072 | 
1073 | -  https://rayanfam.com/topics/inline-assembly-in-x64/  (x64 inline asm)
1074 | -  https://www.jianshu.com/p/15be72d919ff (traversing the icon on the desktop)
1075 | -  https://github.com/nshalabi/SysmonTools
1076 | -  https://github.com/nshalabi/ATTACK-Tools
1077 | -  https://github.com/ExpLife0011/hf-2012
1078 | -  https://github.com/tyranid/windows-attacksurface-workshop/ (2018)
1079 | -  https://github.com/CherryPill/system_info
1080 | -  https://github.com/muxq/DPAPI
1081 | -  https://github.com/ExpLife/directntapi
1082 | -  https://github.com/gaozan198912/myproject
1083 | -  https://github.com/k0keoyo/ntoskrnl-symbol-pdb-and-undocument-structures
1084 | -  https://github.com/gentilkiwi/p11proxy
1085 | -  https://github.com/gentilkiwi/kekeo
1086 | -  https://github.com/ExpLife/ByPassCfg
1087 | -  https://github.com/hfiref0x/SXSEXP
1088 | -  https://github.com/hfiref0x/VBoxHardenedLoader
1089 | -  https://github.com/hfiref0x/SyscallTables
1090 | -  https://github.com/hfiref0x/WinObjEx64
1091 | -  https://github.com/Cr4sh/DbgCb
1092 | -  https://github.com/Cr4sh/s6_pcie_microblaze
1093 | -  https://github.com/ionescu007/SpecuCheck
1094 | -  https://github.com/ionescu007/lxss
1095 | -  https://github.com/intel/haxm
1096 | -  https://github.com/akayn/Resources
1097 | -  https://github.com/DarthTon/SecureEraseWin
1098 | -  https://github.com/hfiref0x/UACME
1099 | -  https://github.com/tinysec/windows-syscall-table
1100 | -  https://github.com/tinysec/jsrt
1101 | -  https://github.com/zodiacon/DriverMon
1102 | -  https://github.com/zodiacon/GflagsX
1103 | -  https://github.com/zodiacon/PEExplorer
1104 | -  https://github.com/zodiacon/KernelExplorer
1105 | -  https://github.com/zodiacon/AllTools
1106 | -  https://github.com/zodiacon/WindowsInternals
1107 | -  https://github.com/hackedteam/vector-silent
1108 | -  https://github.com/hackedteam/core-packer
1109 | -  https://github.com/hackedteam/vector-recover
1110 | -  https://github.com/k33nteam/cc-shellcoding
1111 | -  https://github.com/rwfpl/rewolf-wow64ext
1112 | -  https://github.com/rwfpl/rewolf-x86-virtualizer
1113 | -  https://github.com/rwfpl/rewolf-gogogadget
1114 | -  https://github.com/rwfpl/rewolf-dllpackager
1115 | -  https://github.com/Microsoft/ChakraCore
1116 | -  https://github.com/google/symboliclink-testing-tools
1117 | -  https://github.com/ptresearch/IntelME-JTAG
1118 | -  https://github.com/smourier/TraceSpy
1119 | -  https://github.com/G-E-N-E-S-I-S/tasklist-brutus
1120 | -  https://github.com/G-E-N-E-S-I-S/token_manipulation
1121 | -  https://github.com/jjzhang166/sdk
1122 | -  https://github.com/killswitch-GUI/HotLoad-Driver
1123 | -  https://github.com/killswitch-GUI/minidump-lib
1124 | -  https://github.com/killswitch-GUI/win32-named-pipes-example
1125 | -  https://github.com/Kelvinhack/ScreenCapAttack
1126 | -  https://github.com/tyranid/oleviewdotnet
1127 | -  https://github.com/tyranid/CANAPE.Core
1128 | -  https://github.com/tyranid/DotNetToJScript
1129 | 
1130 | ## slides
1131 | 
1132 | -  https://rmusser.net/docs/
1133 | -  https://keenlab.tencent.com/zh
1134 | 
1135 | ## blogs
1136 | 
1137 | -  https://www.fwhibbit.es/sysmon-the-big-brother-of-windows-and-the-super-sysmonview
1138 | -  https://dedbg.com/
1139 | -  https://leguanyuan.blogspot.com
1140 | -  http://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/ex/profile/bugdemo.htm
1141 | -  https://blog.can.ac
1142 | -  https://b33t1e.github.io/2018/01/03/About-VMProtect/
1143 | -  http://www.diting0x.com/
1144 | -  http://lotabout.me/archives/ (write a c interpreter)
1145 | -  http://2997ms.com/2016/10/09/2016/2016-9%E6%9C%88-%E5%90%AD%E5%93%A7%E5%92%94%E5%93%A7/
1146 | -  http://www.trueai.cn/
1147 | -  https://whereisk0shl.top
1148 | -  https://www.anquanke.com/post/id/97245
1149 | -  https://lifeinhex.com
1150 | -  https://vallejo.cc/2017/11/18/installation-and-first-contact-with-the-new-windbg/
1151 | -  http://www.vxjump.net/
1152 | -  https://channel9.msdn.com/Shows/Defrag-Tools
1153 | -  http://windbg.info/
1154 | -  http://windbg.org/
1155 | -  https://msdn.microsoft.com/en-us/library/windows/hardware/ff553217(v=vs.85).aspx
1156 | -  http://www.andreybazhan.com/
1157 | -  https://blogs.technet.microsoft.com/markrussinovich/
1158 | -  http://undocumented.ntinternals.net/
1159 | -  http://j00ru.vexillium.org/
1160 | -  https://sysprogs.com/
1161 | -  http://www.rohitab.com/
1162 | -  https://sww-it.ru/
1163 | -  http://blogs.microsoft.co.il/pavely/
1164 | -  https://www.corelan.be/
1165 | -  http://tombkeeper.blog.techweb.com.cn/
1166 | -  http://www.zer0mem.sk/
1167 | -  http://blog.rewolf.pl/blog/
1168 | -  http://www.alex-ionescu.com/
1169 | -  http://blog.cr4.sh/
1170 | -  https://rootkits.xyz/
1171 | -  https://ixyzero.com/blog/archives/3543.html
1172 | -  https://whereisk0shl.top/
1173 | -  http://www.triplefault.io/2017/09/enumerating-process-thread-and-image.html
1174 | -  http://doar-e.github.io/blog/2017/12/01/debugger-data-model/
1175 | -  https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugging-using-windbg-preview
1176 | -  https://blog.xpnsec.com/
1177 | -  https://www.fireeye.com/blog/threat-research/2018/01/simplifying-graphs-in-ida.html
1178 | -  http://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/
1179 | -  http://www.msreverseengineering.com/blog/2018/1/23/a-walk-through-tutorial-with-code-on-statically-unpacking-the-finspy-vm-part-one-x86-deobfuscation
1180 | 
1181 | ## web security research site
1182 | 
1183 | -  https://malwaretips.com/
1184 | -  https://www.sec-wiki.com
1185 | -  https://www.anquanke.com/
1186 | -  http://xuanwulab.github.io/cn/secnews/2018/02/08/index.html
1187 | -  http://www.vxjump.net/
1188 | -  https://www.pediy.com/
1189 | -  https://navisec.it/
1190 | -  http://www.secbang.com/
1191 | 
1192 | ## development documents
1193 | 
1194 | - http://devdocs.io/
1195 | - https://zealdocs.org/
1196 | 
1197 | ## docker
1198 | 
1199 | - http://dockone.io/search/q-RG9ja09uZeaKgOacr+WIhuS6qw==#articles
1200 | 
1201 | ## leaked source code 
1202 | 
1203 | -  https://github.com/misterch0c/shadowbroker  (NSA)
1204 | -  https://github.com/pustladi/Windows-2000
1205 | -  https://github.com/killbug2004/NT_4.0_SourceCode
1206 | -  https://github.com/pustladi/TrueCrypt-7.2
1207 | -  https://github.com/pustladi/MS-DOS-v.1.1
1208 | -  https://github.com/pustladi/MS-DOS-v.2.0
1209 | 
1210 | ## sspi
1211 | 
1212 | - https://github.com/deemru/msspi
1213 | - https://github.com/vletoux/DetectPasswordViaNTLMInFlow
1214 | - https://github.com/judek/sspiauthenticate
1215 | - https://github.com/BobCatC/xSspi
1216 | - https://github.com/sishtiaq/SampleSSPICode
1217 | - https://github.com/liamkirton/sslpyfilter
1218 | - https://github.com/bschlenk/gsspp
1219 | 
1220 | ## openssl
1221 | 
1222 | -  https://github.com/hioa-cs/IncludeOS/blob/fd92a5394b493b5b645b2123966d38c1576df250/src/net/https/openssl_server.cpp#L72
1223 | -  https://github.com/robertblackwell/marvincpp
1224 | -  https://github.com/equalitie/ouinet
1225 | -  https://github.com/LiTianjue/mite-note
1226 | -  https://blog.csdn.net/dotalee/article/details/78041691
1227 | -  https://www.cnblogs.com/kennyhr/p/3746048.html
1228 | 
1229 | ## pdb
1230 | 
1231 | -  https://github.com/wbenny/pdbex
1232 | 
1233 | ## gpu
1234 | 
1235 | -  https://github.com/Volkanite/Push
1236 | 
1237 | ## crypto api
1238 | 
1239 | -  https://github.com/maldevel/AES256
1240 | -  https://github.com/wbenny/mini-tor
1241 | -  https://github.com/wyrover/CryptoAPI-examples
1242 | -  https://github.com/fmuecke/CryptoApi
1243 | -  https://github.com/ViartX/CacheCrypto
1244 | -  https://github.com/Deerenaros/CryptoAPIWrapper
1245 | -  https://github.com/maldevel/SHA256
1246 | -  https://github.com/13g10n/crypto
1247 | 
1248 | ## iot sec
1249 | 
1250 | -  https://iot.sec-wiki.com/
1251 | 
1252 | ## ascii banner
1253 | 
1254 | - http://www.network-science.de/ascii/
1255 | - http://www.degraeve.com/img2txt.php
1256 | 
1257 | ## book code
1258 | 
1259 | -  https://github.com/yifengyou/32to64
1260 | -  https://github.com/elephantos/elephant
1261 | -  https://github.com/yifengyou/Android-software-security-and-reverse-analysis
1262 | -  https://github.com/yifengyou/Code-virtualization-and-automation-analysis
1263 | -  https://github.com/yifengyou/Software-protection-and-analysis-techniques---principles-and-practices
1264 | -  https://github.com/yifengyou/X86-assembly-language-from-real-mode-to-protection-mode
1265 | 
1266 | ## regex
1267 | 
1268 | - https://github.com/zeeshanu/learn-regex
1269 | 
1270 | ## ebook
1271 | 
1272 | - http://www.foxebook.net/
1273 | 
1274 | ## library
1275 | 
1276 | -  https://www.ctolib.com/
1277 | 


--------------------------------------------------------------------------------
/logo.svg:
--------------------------------------------------------------------------------
1 | <svg xmlns="http://www.w3.org/2000/svg" viewBox="-178.3 -167.1 1000 700"><path d="M79.9 323.1c4 0 7.3 1.4 10.1 4.2 2.8 2.8 4.2 6.2 4.2 10.1V387H43.5c-4 0-7.3-1.4-10.1-4.2-2.8-2.8-4.2-6.2-4.2-10.1v-23.6h53.1v-11.7c0-.7-.2-1.2-.7-1.7-.5-.5-1-.7-1.7-.7H29.2v-11.9h50.7zm2.4 52V361H41.1v11.7c0 .7.2 1.2.7 1.7.5.5 1 .7 1.7.7h38.8zm114.7-52h12.7l-24 63.9H176l-21.5-47.5-20.3 47.5-.2-.1.1.1h-9.6l-25.1-63.9H112l17.3 42.4 18.4-42.4h13.6l19.5 42.4 16.2-42.4zm67.2 0c4 0 7.3 1.4 10.1 4.2 2.8 2.8 4.2 6.2 4.2 10.1V361h-53.1v11.7c0 .7.2 1.2.7 1.7.5.5 1 .7 1.7.7h50.7V387h-50.7c-4 0-7.3-1.4-10.1-4.2-2.8-2.8-4.2-6.2-4.2-10.1v-35.3c0-4 1.4-7.3 4.2-10.1 2.8-2.8 6.2-4.2 10.1-4.2h36.4zm-38.8 26h41.2v-11.7c0-.7-.2-1.2-.7-1.7-.5-.5-1-.7-1.7-.7h-36.4c-.7 0-1.2.2-1.7.7-.5.5-.7 1-.7 1.7v11.7zm129-11.6v2.4h-11.9v-2.4c0-.7-.2-1.2-.7-1.7-.5-.5-1-.7-1.7-.7h-36.4c-.7 0-1.2.2-1.7.7-.5.5-.7 1-.7 1.7v9.3c0 .7.2 1.2.7 1.7.5.5 1 .7 1.7.7h36.4c4 0 7.3 1.4 10.1 4.2 2.8 2.8 4.2 6.2 4.2 10.1v9.3c0 4-1.4 7.3-4.2 10.1-2.8 2.8-6.2 4.2-10.1 4.2h-36.4c-4 0-7.3-1.4-10.1-4.2-2.8-2.8-4.2-6.2-4.2-10.1v-2.4h11.9v2.4c0 .7.2 1.2.7 1.7.5.5 1 .7 1.7.7h36.4c.7 0 1.2-.2 1.7-.7.5-.5.7-1 .7-1.7v-9.3c0-.7-.2-1.2-.7-1.7-.5-.5-1-.7-1.7-.7h-36.4c-4 0-7.3-1.4-10.1-4.2-2.8-2.8-4.2-6.2-4.2-10.1v-9.3c0-4 1.4-7.3 4.2-10.1 2.8-2.8 6.2-4.2 10.1-4.2h36.4c4 0 7.3 1.4 10.1 4.2 2.8 2.7 4.2 6.1 4.2 10.1zm25.2-14.4H416c4 0 7.3 1.4 10.1 4.2 2.8 2.8 4.2 6.2 4.2 10.1v35.3c0 4-1.4 7.3-4.2 10.1-2.8 2.8-6.2 4.2-10.1 4.2h-36.4c-4 0-7.3-1.4-10.1-4.2-2.8-2.8-4.2-6.2-4.2-10.1v-35.3c0-4 1.4-7.3 4.2-10.1 2.8-2.8 6.2-4.2 10.1-4.2zM416 335h-36.4c-.7 0-1.2.2-1.7.7-.5.5-.7 1-.7 1.7v35.3c0 .7.2 1.2.7 1.7.5.5 1 .7 1.7.7H416c.7 0 1.2-.2 1.7-.7.5-.5.7-1 .7-1.7v-35.3c0-.7-.2-1.2-.7-1.7-.5-.4-1-.7-1.7-.7zm107.5-11.9c4 0 7.3 1.4 10.1 4.2 2.8 2.8 4.2 6.2 4.2 10.1V387H526v-49.6c0-.7-.2-1.2-.7-1.7-.5-.5-1.1-.7-1.8-.7h-25.2c-.7 0-1.2.2-1.7.7-.5.5-.7 1-.7 1.7V387H484v-49.6c0-.7-.2-1.2-.7-1.7-.5-.5-1-.7-1.7-.7h-25.3c-.7 0-1.2.2-1.7.7-.5.5-.7 1-.7 1.7V387H442v-63.9h81.5zm76.5 0c4 0 7.3 1.4 10.1 4.2 2.8 2.8 4.2 6.2 4.2 10.1V361h-53.1v11.7c0 .7.2 1.2.7 1.7.5.5 1 .7 1.7.7h50.7V387h-50.7c-4 0-7.3-1.4-10.1-4.2-2.8-2.8-4.2-6.2-4.2-10.1v-35.3c0-4 1.4-7.3 4.2-10.1 2.8-2.8 6.2-4.2 10.1-4.2H600zm-38.8 26h41.2v-11.7c0-.7-.2-1.2-.7-1.7-.5-.5-1-.7-1.7-.7h-36.4c-.7 0-1.2.2-1.7.7-.5.5-.7 1-.7 1.7v11.7z" fill="#494368"/><path fill="#FC60A8" d="M614.2 91l-150-137.6-21.1 23L568.1 91H75.4l125-114.7-21.1-23L29.3 91h-.1v90.7c0 41 39.5 74.4 88 74.4h92.5c48.5 0 88-33.4 88-74.4v-59.6h48v59.6c0 41 39.5 74.4 88 74.4h92.5c48.5 0 88-33.4 88-74.4V91z"/></svg>
2 | 


--------------------------------------------------------------------------------