powershell

  • https://github.com/rootclay/Powershell-Attack-Guide

pe file format

  • https://github.com/corkami/pics

asm ide

  • https://github.com/ThomasJaeger/VisualMASM
  • https://github.com/Dman95/SASM
  • https://github.com/mrfearless/UASM-with-RadASM

meltdown/spectre poc

  • https://github.com/turbo/KPTI-PoC-Collection
  • https://github.com/gkaindl/meltdown-poc
  • https://github.com/feruxmax/meltdown
  • https://github.com/Eugnis/spectre-attack

lightweight c++ gui library

  • https://github.com/Xoliper/ANGE
  • https://github.com/iUIShop/LibUIDK (mfc skin ui)
  • https://github.com/zlgopen/awtk
  • https://github.com/idea4good/GuiLite
  • https://github.com/golang-ui/nuklear
  • https://github.com/Dovyski/cvui
  • https://github.com/andlabs/libui
  • https://github.com/hasaranga/RFC-Framework
  • https://github.com/dustpg/LongUI
  • https://github.com/bognikol/Eleusis

direct ui

  • http://www.skinui.cn/
  • https://www.showdoc.cc/skinui?page_id=135303
  • http://help.5yyz.com/665984
  • https://github.com/SOUI2/soui
  • https://github.com/netease-im/NIM_Duilib_Framework
  • https://github.com/gclxry/EasyDuilib
  • https://github.com/v-star0719/MFC_LogicalWnd
  • https://github.com/duzhi5368/FKDuiLibEditor
  • https://github.com/wanttobeno/bkuilib
  • https://github.com/wanttobeno/XSkin1.0
  • https://github.com/idea4good/GuiLite
  • https://github.com/redrains/DuiLib_Redrain
  • https://github.com/wanttobeno/UIDesigner
  • https://github.com/zhongyang219/TrafficMonitor
  • https://github.com/wanttobeno/Duilib_Extension
  • https://github.com/zhongyang219/MusicPlayer2
  • https://github.com/nmgwddj/duilib_tutorial
  • https://github.com/nmgwddj/InstallAssist
  • https://github.com/netease-im/NIM_PC_UIKit
  • https://github.com/nmgwddj/Optimizer
  • https://github.com/nmgwddj/BarPCMaster (netbar)

chrome

  • https://github.com/shuax/GreenChrome

chrome Extension

  • https://github.com/Tuhinshubhra/ExtAnalysis

cef

  • https://github.com/fanfeilong/cefutil
  • https://github.com/acristoffers/CEF3SimpleSample
  • https://github.com/sanwer/Browser

WebBrowser

  • https://github.com/zhichao281/duilib-MiniBlinkBrowser
  • https://github.com/litehtml/litebrowser
  • https://github.com/venam/Browser (lib)
  • https://github.com/wanttobeno/Study_IWebBrowser2

d3d

  • https://github.com/MKXJun/DirectX11-With-Windows-SDK
  • https://github.com/ThirteenAG/d3d9-wrapper

lua

  • https://github.com/vinniefalco/LuaBridge

c++ 11/14/17/20

  • https://github.com/xiaoweiChen/CPP-Concurrency-In-Action-2ed-2019
  • https://github.com/xiaoweiChen/CPP-17-STL-cookbook
  • https://github.com/changkun/modern-cpp-tutorial

cmake

  • https://github.com/xiaoweiChen/CMake-Cookbook

DesignPattern

  • https://design-patterns.readthedocs.io/zh_CN/latest/index.html
  • https://github.com/Waleon/DesignPatterns
  • https://github.com/GoodmanTao/DesignPatternInC

c++ & js

  • https://github.com/xhawk18/promise-cpp
  • https://github.com/panopticoncentral/jsrt-wrappers
  • https://github.com/wargio/WSH-Framework
  • https://github.com/ExpLife0011/WebBrowser
  • https://github.com/wanttobeno/Study_mujs

gdi/gdi+

  • http://www.mctrl.org/ (win32 control lib)
  • https://github.com/wanttobeno/AlphaEditor
  • https://github.com/wanttobeno/FastZoomDemo (zoom)
  • https://github.com/wanttobeno/GdiPlusTextEffect
  • https://github.com/wanttobeno/GdiPlusString
  • https://github.com/wanttobeno/WindowFinder
  • https://github.com/wanttobeno/ymagine
  • https://github.com/wanttobeno/levels-adjustment
  • https://github.com/wanttobeno/ElipsePic
  • https://github.com/wanttobeno/windows-effect
  • https://github.com/wanttobeno/Study_easing_animation
  • https://github.com/wanttobeno/Study_FindPicAlgorithm (find picture algorithm)
  • https://github.com/wanttobeno/Window_GlassIntro_demo

computer vision & machine learning

  • https://github.com/wanttobeno/sod

compress

  • https://github.com/wanttobeno/snappy

Dongle

  • https://github.com/wanttobeno/Dongle

spy++

  • https://github.com/wjx0912/MySpy

Shell Extension for Windows Explorer

  • https://github.com/derceg/explorerplusplus
  • https://github.com/XhmikosR/perfmonbar (perfmonbar)
  • https://github.com/abhimanyusirohi/ThumbFish (nice demo)
  • https://github.com/matssigge/JASE
  • https://github.com/Oeffner/MtzExtInfoTip
  • https://github.com/danielgrigg/ContextMenuDemo
  • https://github.com/monolithpl/stexbar
  • https://github.com/CaSchmidt/csMenu
  • https://github.com/blndev/ExplorerUtilitys
  • https://github.com/pke/Windows-Explorer-OSGi-Shell-Extensions
  • https://github.com/Anton-V-K/MultiThumbExtension
  • https://github.com/0ffffffffh/ffmpegShellExtension
  • https://github.com/Ralph-Lee/WinShellExt
  • https://github.com/slivermeteor/LockKeys
  • https://github.com/alexandermenze/ShellExtensionInfoTip
  • https://github.com/jbrandwood/EditWith
  • https://github.com/calzakk/CyoHash
  • https://github.com/asa75asa/ImageResizer
  • https://github.com/tillig/JunctionShellExtensions
  • https://github.com/keybase/KBShellExt
  • https://github.com/T800G/StatusBar7
  • https://github.com/vladm3/ShellExtension
  • https://github.com/sop/cygextreg
  • https://github.com/AndreasVerhoeven/HTMLPreviewShellExtension
  • https://github.com/alvinhochun/KritaShellExtension
  • https://github.com/AUTOMATIC1111/3ds-shell
  • https://github.com/google/google-drive-shell-extension
  • https://github.com/TortoiseGit/TortoiseGit
  • https://github.com/sanje2v/MantaPropertyExtension
  • https://github.com/phwitti/cmdhere

windows system programming

  • https://github.com/btbd/access (Access without a real handle)
  • https://github.com/CoatiSoftware/Sourcetrail (Source code explorer)
  • https://github.com/DoubleLabyrinth/WindowsSudo
  • https://github.com/AzureGreen/NetView
  • https://github.com/MFCer/AutoUpdate
  • https://github.com/ufrisk/LeechCore (Physical Memory Acquisition Library)
  • https://github.com/marcosd4h/sysmonx
  • https://github.com/Dankirk/RegSLScan
  • https://github.com/nogginware/mstscdump
  • https://github.com/zodiacon/ApiSetView
  • https://github.com/DOGSHITD/SciDetectorApp (SCI)
  • https://github.com/DOGSHITD/AcpiTool (ACPI)
  • https://github.com/VertexToEdge/WindowFunctionTracer
  • https://github.com/sganis/golddrive
  • https://github.com/yanncam/exe2powershell
  • https://github.com/owodelta/coilgun (Direct API Calling)
  • https://github.com/NYAN-x-CAT/Disable-Windows-Defender
  • https://github.com/d35ha/CallObfuscator
  • https://github.com/zodiacon/RegEditX
  • https://github.com/ZhanLang/jcfs (everything)
  • https://github.com/ZhanLang/msdk (sdk)
  • https://github.com/MiroKaku/ConMon
  • https://github.com/SinaKarvandi/Process-Magics
  • https://github.com/LoukaMB/ExceptionSupervisor
  • https://github.com/zmrbak/PcWeChatHooK
  • https://github.com/not-matthias/Nemesis (process dumper)
  • https://github.com/QAX-A-Team/EventCleaner
  • https://github.com/BlackINT3/none (common lib)
  • https://github.com/77Sera/BrowserSecurity
  • https://github.com/amitwaisel/Malproxy (Proxy system calls over an RPC channel)
  • https://github.com/jnastarot/soul_eater (it can extract functions from .dll, .exe, .sys)
  • https://github.com/mtth-bfft/lsobj
  • https://github.com/mtth-bfft/ntsec
  • https://github.com/fritzone/obfy
  • https://github.com/microsoft/NetworkDirect
  • https://github.com/jay/gethooks
  • https://github.com/laxodev/RAII-WINAPI-Memory-Manager
  • https://github.com/hfiref0x/WDExtract
  • https://github.com/binbibi/libedge
  • https://github.com/bb107/WinSudo
  • https://github.com/can1357/WinFaults
  • https://github.com/Silica/sandbox
  • https://github.com/horsicq/Nauz-File-Detector
  • https://github.com/horsicq/xntsv (nt struct)
  • https://github.com/jnastarot/shibari (pe+)
  • https://github.com/NoMoreFood/WinPriv
  • https://github.com/yejiansnake/windows-sys-base
  • https://github.com/lifenjoiner/pacdbger
  • https://github.com/lifenjoiner/sendto-plus
  • https://github.com/billziss-gh/winspd
  • https://github.com/ffiirree/Capturer
  • https://github.com/Claybird/lhaforge
  • https://github.com/jjzhang166/nargnos-WindowsUtil
  • https://github.com/cool2528/baiduCDP
  • https://github.com/anhkgg/SuperWeChatPC
  • https://github.com/Alex3434/GetHDDSerial
  • https://github.com/TonyChen56/HackerTools
  • https://github.com/libyal/liblnk
  • https://github.com/NtRaiseHardError/Kaiser
  • https://github.com/mengskysama/V8 (chrome v8 engine)
  • https://github.com/locustwei/WorkBack
  • https://github.com/360-A-Team/EventCleaner
  • https://github.com/Microsoft/Windows-classic-samples
  • https://github.com/troldal/OpenXLSX (.xlsx format)
  • https://github.com/mity/windrawlib (GDI+ Helper)
  • https://github.com/henrypp/errorlookup
  • https://github.com/longmode/authzsec-mod-um (AppContainer and ACL)
  • https://github.com/henrypp/memreduct
  • https://github.com/thomaslaurenson/LiveDiff (live diff)
  • https://github.com/thomaslaurenson/CellXML-offreg (hive file parse)
  • https://github.com/zhaolong/libparser (static lib parse)
  • https://github.com/WildByDesign/Privexec
  • https://github.com/KangLin/RabbitIm
  • https://github.com/kingsunc/MiniDump
  • https://github.com/amdf/reparselib
  • https://github.com/Zero3K/connectfusion (download manager)
  • https://github.com/Zero3K/ERAM (RAM Disk)
  • https://github.com/bailey27/cppcryptfs (gocryptfs encrypted overlay filesystem)
  • https://github.com/etsubu/MacroRecorder (recording keyboard and mouse macros)
  • https://github.com/wyrover/CodeLib
  • https://github.com/Rprop/CppDLL (dll to .h and lib)
  • https://github.com/seledka/syslib
  • https://github.com/leecher1337/regremap
  • https://github.com/webees/ADkiller
  • https://github.com/skysilent/coroutine_study (fiber)
  • https://github.com/ruusty/NAntMenu
  • https://github.com/chrdavis/PIFShellExtensions
  • https://github.com/codepongo/zshellext
  • https://github.com/lz77win/lz77win_sources
  • https://github.com/Microsoft/perfview
  • https://github.com/GameTechDev/PresentMon
  • https://github.com/hfiref0x/BSODScreen
  • https://github.com/CasualX/LibEx
  • https://github.com/syhyz1990/baiduyun
  • https://github.com/WalkingCat/SymDiff
  • https://github.com/libyal/libevtx
  • https://github.com/wanttobeno/Screenshot
  • https://github.com/scarsty/tinypot
  • https://github.com/jonasblunck/DynHook
  • https://github.com/y11en/PEBFake (PEB fake)
  • https://github.com/wanttobeno/mousehook (setwindowhook)
  • https://github.com/wanttobeno/DXF-Viewer
  • https://github.com/wanttobeno/XmlConfigDemo
  • https://github.com/wanttobeno/GeneralHashFunctions
  • https://github.com/wanttobeno/Chrome-base-cpu
  • https://github.com/wanttobeno/stl_util
  • https://github.com/wanttobeno/LinkHelper
  • https://github.com/wanttobeno/Ring3GetProcessInfo
  • https://github.com/zsummer/breeze
  • https://github.com/wanttobeno/SoftWareManager
  • https://github.com/wanttobeno/GetMacAddress
  • https://github.com/wanttobeno/HtmlViewer
  • https://github.com/wanttobeno/AltServer
  • https://github.com/wanttobeno/GetPeInfo
  • https://github.com/wanttobeno/notepad
  • https://github.com/wanttobeno/PELearningMaterials
  • https://github.com/wanttobeno/Detours_4.0.1
  • https://github.com/wanttobeno/skinsb
  • https://github.com/wanttobeno/DLib-Attacher
  • https://github.com/wanttobeno/VmpHandle
  • https://github.com/wanttobeno/ScopeGuard (resource safe delete)
  • https://github.com/wanttobeno/HashMapDemo
  • https://github.com/wanttobeno/nanob (protobuf)
  • https://github.com/wanttobeno/baidu-sofa-pbrpc-win (protobuf)
  • https://github.com/xlet/UpdateClient
  • https://github.com/wanttobeno/AesFileProtection
  • https://github.com/wanttobeno/IeProxy
  • https://github.com/wanttobeno/MyProtocol
  • https://github.com/wanttobeno/Window_KeyAndMouseHook
  • https://github.com/wanttobeno/doublebufferedqueue (double buffered queue)
  • https://github.com/DoubleLabyrinth/010Editor-keygen (keygen)
  • https://github.com/wanttobeno/Cpp11ThreadPool
  • https://github.com/wanttobeno/Study_shellcode (shellcode)
  • https://github.com/wanttobeno/Study_algorithm (data struct)
  • https://github.com/wanttobeno/ThreadPool
  • https://github.com/wanttobeno/Study_threadpool (thread pool)
  • https://github.com/wanttobeno/Study_Websocket (websocket)
  • https://github.com/Amanieu/asyncplusplus
  • https://github.com/wanttobeno/Study_Socket
  • https://github.com/wanttobeno/DllProtect
  • https://github.com/allenyllee/The-CPUID-Explorer
  • https://github.com/wanttobeno/x64_AOB_Search (fast search memory algorithm)
  • https://github.com/wanttobeno/iQIYI_Web_Video_Upload (http simulate upload)
  • https://github.com/wanttobeno/Study_XiaoMi_Login (https simulate login)
  • https://github.com/fawdlstty/NetToolbox
  • https://github.com/hzqst/FuckCertVerifyTimeValidity
  • https://github.com/717021/PCMgr (task manager)
  • https://github.com/silverf0x/RpcView (rpc)
  • https://github.com/ez8-co/unlocker
  • https://github.com/nkga/self-updater (framework for secure self-update)
  • https://github.com/liamkirton/sslcat (nc with ssl)
  • https://github.com/Seineruo/RSA-Tool
  • https://github.com/PBfordev/wxAutoExcel
  • https://github.com/ax330d/Symex
  • https://github.com/Biswa96/PDBDownloader
  • https://github.com/Biswa96/TraceEvent
  • https://github.com/hfiref0x/Misc
  • https://github.com/SergioCalderonR/DelSvc
  • https://github.com/wyrover/win-privileges-examples (DACL)
  • https://github.com/nccgroup/WindowsDACLEnumProject (DACL)
  • https://github.com/xqymain/ServerLocker
  • https://github.com/wanttobeno/SunDaySearchSignCode (fast search memory)
  • https://github.com/zhongyang219/SimpleNotePad
  • https://github.com/zhongyang219/TrafficMonitor
  • https://github.com/codereba/data_scrambler (scrambler)
  • https://github.com/3gstudent/Catch-specified-file-s-handle (enum file handle)
  • https://github.com/intel/safestringlib
  • https://github.com/eyusoft/asutlity
  • https://github.com/ThomasThelen/BrowserLib
  • https://github.com/OSRDrivers/dirchange
  • https://github.com/OSRDrivers/deleteex (FileDispositionInfoEx)
  • https://github.com/notscimmy/YASS (sig scanner)
  • https://github.com/942860759/BrowserHistory
  • https://github.com/NoMoreFood/putty-cac
  • https://github.com/NoMoreFood/Repacls
  • https://github.com/NoMoreFood/Crypture
  • https://github.com/Microsoft/winfile
  • https://github.com/mullvad/windows-libraries
  • https://github.com/wjcsharp/wintools
  • https://github.com/nmgwddj/logs-monitor
  • https://github.com/nmgwddj/TaskbarTool
  • https://github.com/nmgwddj/DevCon
  • https://github.com/nmgwddj/SystemProcessInfo
  • https://github.com/nmgwddj/ServiceMgr

wsl/unix

  • https://github.com/Mermeze/wslam (wsl anti malware)
  • https://github.com/Biswa96/WSLInstall
  • https://github.com/Biswa96/WslReverse
  • https://github.com/Biswa96/XConPty
  • https://github.com/mintty/wsltty.appx

device tree

  • https://github.com/MartinDrab/VrtuleTree

irp monitor

  • https://github.com/MartinDrab/IRPMon

nt crucial modules

  • https://github.com/MeeSong/Nt-Crucial-Modules

windows kernel driver

  • https://github.com/dearfuture/DriverTutorial
  • https://github.com/G4rb3n/Windows-Driver
  • https://github.com/btbd/wpp (Intercepting DeviceControl via WPP)
  • https://github.com/maharmstone/smbfs (SMB filesystem driver for Windows)
  • https://github.com/maharmstone/btrfs (Windows driver for the next-generation Linux filesystem Btrfs)
  • https://github.com/zodiacon/windowskernelprogrammingbook (sample)
  • https://github.com/0xcpu/ExecutiveCallbackObjects
  • https://github.com/alxbrn/r6s-external-nuklear-socket
  • https://github.com/vmcall/dxgkrnl_hook
  • https://github.com/alxbrn/kdmapper-1803-1903
  • https://github.com/juniorjacob/readwrite-kernel-stable
  • https://github.com/mstefanowich/IsFileSigned
  • https://github.com/apriorit/antirootkit-anti-splicer
  • https://github.com/Mouka-Yang/KernelDriverDemo
  • https://github.com/tomLadder/WinLib
  • https://github.com/coltonon/MoaRpm
  • https://github.com/wanttobeno/ProcessManager_Ring0
  • https://github.com/wanttobeno/Win_Driver_Mouse_And_Key
  • https://github.com/wanttobeno/Win64DriverStudy_Src
  • https://github.com/tdevuser/MalwFinder
  • https://github.com/Sqdwr/WriteFile_IRP
  • https://github.com/nmgwddj/learn-windows-drivers
  • https://github.com/mq1n/EasyRing0

windows kernel driver with c++ runtime

  • https://github.com/ZhanLang/msddk
  • https://github.com/DragonQuestHero/Kernel-Force-Delete (force delete file)
  • https://github.com/MeeSong/WDKExt
  • https://github.com/HoShiMin/Kernel-Bridge (power)
  • https://github.com/wjcsharp/Common
  • https://github.com/ExpLife/DriverSTL
  • https://github.com/sysprogs/BazisLib
  • https://github.com/AmrThabet/winSRDF
  • https://github.com/sidyhe/dxx
  • https://github.com/zer0mem/libc
  • https://github.com/eladraz/XDK
  • https://github.com/vic4key/Cat-Driver
  • https://github.com/AndrewGaspar/km-stl
  • https://github.com/zer0mem/KernelProject
  • https://github.com/zer0mem/miniCommon
  • https://github.com/jackqk/mystudy
  • https://github.com/yogendersolanki91/Kernel-Driver-Example

blackbone

  • https://github.com/AbinMM/MemDllLoader_Blackbone
  • https://github.com/hzqst/unicorn_pe
  • https://github.com/nofvcks/AimKit-Pasted-Driver
  • https://github.com/alexpsp00/x-elite-loader
  • https://github.com/DarthTon/Xenos
  • https://github.com/DarthTon/Blackbone

hidinput

  • https://github.com/changeofpace/MouHidInputHook
  • https://github.com/hawku/TabletDriver
  • https://github.com/ViGEm/HidGuardian
  • https://github.com/ecologylab/EcoTUIODriver
  • https://github.com/djpnewton/vmulti
  • https://github.com/duzhi5368/FKHIDKeyboardSimTest (support usb)
  • https://github.com/Jehoash/WinIO3.0

dkom

  • https://github.com/waryas/EUPMAccess
  • https://github.com/notscimmy/pplib
  • https://blog.csdn.net/zhuhuibeishadiao/article/details/51136650 (get process full path name)
  • https://bbs.pediy.com/thread-96427.htm (modify process image name)
  • https://github.com/ZhuHuiBeiShaDiao/PathModification
  • https://github.com/ZhuHuiBeiShaDiao/NewHideDriverEx
  • https://github.com/Sqdwr/HideDriver
  • https://github.com/nbqofficial/HideDriver
  • https://github.com/landhb/HideProcess
  • https://github.com/tfairane/DKOM

ssdt hook

  • https://github.com/Sqdwr/64-bits-inserthook
  • https://github.com/int0/ProcessIsolator
  • https://github.com/mrexodia/TitanHide (x64dbg Plugin)-(DragonQuestHero Suggest)
  • https://github.com/papadp/shd
  • https://github.com/bronzeMe/SSDT_Hook_x64
  • https://github.com/s18leoare/Hackshield-Driver-Bypass
  • https://github.com/sincoder/hidedir
  • https://github.com/wyrover/HKkernelDbg
  • https://github.com/CherryZY/Process_Protect_Module
  • https://github.com/weixu8/RegistryMonitor
  • https://github.com/nmgwddj/Learn-Windows-Drivers

eat/iat/object/irp/iat hook

  • https://github.com/hasherezade/IAT_patcher
  • https://github.com/Cyrex1337/hook.lib
  • https://github.com/hMihaiDavid/hooks
  • https://github.com/Scorbutics/IATHook
  • https://github.com/amazadota/AFD-HOOK-
  • https://github.com/wyyqyl/HookIAT
  • https://github.com/smore007/remote-iat-hook
  • https://github.com/m0n0ph1/IAT-Hooking-Revisited
  • https://github.com/xiaomagexiao/GameDll
  • https://github.com/HollyDi/Ring0Hook
  • https://github.com/mgeeky/prc_xchk
  • https://github.com/tinysec/iathook

InfinityHook

  • https://yanjuan.xyz/2019/08/syscallhook/
  • https://github.com/huoji120/huoji_debuger
  • https://github.com/everdox/InfinityHook

inline hook

  • https://github.com/adrianyy/kernelhook
  • https://github.com/gfreivasc/VMTHook
  • https://github.com/zhipeng515/MemberFunctionHook (member function hook)
  • https://github.com/windy32/win32-console-hook-lib
  • https://github.com/M0rtale/Universal-WndProc-Hook
  • https://github.com/a7031x/HookApi
  • https://github.com/blaquee/APCHook
  • https://github.com/simonberson/ChromeURLSniffer
  • https://github.com/codereversing/sehveh_hook
  • https://github.com/Matviy/LeagueReplayHook
  • https://github.com/jonasblunck/DP
  • https://github.com/XBased/xhook
  • https://github.com/rokups/hooker
  • https://github.com/Ayuto/DynamicHooks
  • https://github.com/sincoder/wow64hook
  • https://github.com/strobejb/sslhook
  • https://github.com/petrgeorgievsky/gtaRenderHook
  • https://github.com/WopsS/RenHook
  • https://github.com/chinatiny/InlineHookLib (R3 & R0)
  • https://github.com/tongzeyu/HookSysenter
  • https://github.com/idkwim/frookSINATRA (x64 sysenter hook)
  • https://github.com/VideoCardGuy/HideProcessInTaskmgr
  • https://github.com/MalwareTech/FstHook
  • https://github.com/Menooker/FishHook
  • https://github.com/G-E-N-E-S-I-S/latebros
  • https://bbs.pediy.com/thread-214582.htm

hook engine

  • https://github.com/danielkrupinski/vac-hooks
  • https://github.com/vol4ok/libsplice (r3 & r0)
  • https://github.com/HoShiMin/HookLib (r3 & r0)
  • https://github.com/Rebzzel/kiero (d3d hook)
  • https://github.com/aschrein/apiparse
  • https://github.com/zyantific/zyan-hook-engine
  • https://github.com/jonasblunck/DP (com hook)
  • https://github.com/jonasblunck/DynHook
  • https://github.com/wanttobeno/ADE32_InlineHook
  • https://github.com/coltonon/RegHookEx (mid function)
  • https://github.com/Synestraa/ArchUltimate.HookLib
  • https://github.com/DominicTobias/detourxs
  • https://github.com/Ilyatk/HookEngine
  • https://github.com/martona/mhook
  • https://github.com/EasyHook/EasyHook
  • https://github.com/RelicOfTesla/Detours
  • https://github.com/stevemk14ebr/PolyHook
  • https://github.com/TsudaKageyu/minhook
  • https://github.com/Microsoft/Detours
  • https://github.com/Microwave89/ntapihook

anti hook

  • https://github.com/nickcano/ReloadLibrary

inject technique (ring0)

  • https://github.com/Mecanik/MecanikProcessBreaker
  • https://github.com/mactec0/Kernelmode-manual-mapping-through-IAT
  • https://github.com/adrianyy/KeInject
  • https://github.com/Sqdwr/LoadImageInject
  • https://github.com/haidragon/NewInjectDrv
  • https://github.com/alex9191/Kernel-dll-injector (DllInjectFromKernel)
  • https://github.com/wbenny/keinject (ApcInjectFromKernel)

inject technique (ring3)

  • https://github.com/SafeBreach-Labs/pinjectra
  • https://github.com/odzhan/injection
  • https://github.com/M-r-J-o-h-n/SWH-Injector
  • https://github.com/nccgroup/ncloader (A session-0 capable dll injection utility)
  • https://github.com/vmcall/eye_mapper (BattlEye x64 usermode injector)
  • https://github.com/Shaxzy/VibranceInjector
  • https://github.com/xiaobo93/UnModule_shellcode_Inject
  • https://github.com/Cybellum/DoubleAgent
  • https://github.com/realoriginal/reflective-rewrite (InjectFromMemory)
  • https://github.com/blaquee/APCHook (apc inject)
  • https://github.com/secrary/InjectProc
  • https://github.com/ez8-co/yapi (Yet Another Process Injector)
  • https://github.com/UserExistsError/InjectDll (InjectFromMemory)
  • https://github.com/notscimmy/libinject
  • https://github.com/BorjaMerino/tlsInjector (tls)
  • https://github.com/BorjaMerino/Pazuzu (InjectFromMemory)
  • https://github.com/strobejb/injdll
  • https://github.com/strivexjun/DriverInjectDll (MapInjectDll)
  • https://github.com/sud0loo/ProcessInjection
  • https://github.com/apriorit/SvcHostDemo
  • https://github.com/can1357/ThePerfectInjector
  • https://github.com/VideoCardGuy/X64Injector
  • https://github.com/papadp/reflective-injection-detection (InjectFromMemory)
  • https://github.com/psmitty7373/eif (InjectFromMemory)
  • https://github.com/rokups/ReflectiveLdr (InjectFromMemory)
  • https://github.com/BenjaminSoelberg/ReflectivePELoader (InjectFromMemory)
  • https://github.com/NtRaiseHardError/Phage (InjectFromMemory)
  • https://github.com/dismantl/ImprovedReflectiveDLLInjection (InjectFromMemory)
  • https://github.com/CylanceVulnResearch/ReflectiveDLLRefresher (InjectFromMemory)
  • https://github.com/amishsecurity/paythepony (InjectFromMemory)
  • https://github.com/deroko/activationcontexthook
  • https://github.com/ez8-co/yapi (Cross x86 & x64 injection)
  • https://github.com/georgenicolaou/HeavenInjector
  • https://github.com/tinysec/runwithdll
  • https://github.com/NtOpcode/NT-APC-Injector
  • https://github.com/caidongyun/WinCodeInjection
  • https://github.com/countercept/doublepulsar-usermode-injector
  • https://github.com/mq1n/DLLThreadInjectionDetector
  • https://github.com/hkhk366/Memory_Codes_Injection
  • https://github.com/chango77747/ShellCodeInjector_MsBuild
  • https://github.com/Zer0Mem0ry/ManualMap
  • https://github.com/secrary/InfectPE
  • https://github.com/zodiacon/DllInjectionWithThreadContext
  • https://github.com/NtOpcode/RtlCreateUserThread-DLL-Injection
  • https://github.com/hasherezade/chimera_loader
  • https://github.com/Ciantic/RemoteThreader
  • https://github.com/OlSut/Kinject-x64
  • https://github.com/tandasat/RemoteWriteMonitor
  • https://github.com/stormshield/Beholder-Win32
  • https://github.com/AzureGreen/InjectCollection
  • https://github.com/uItra/Injectora
  • https://github.com/rootm0s/Injectors
  • https://github.com/Spajed/processrefund
  • https://github.com/al-homedawy/InjecTOR
  • https://github.com/yifiHeaven/MagicWall

WoW64 <-> x64

  • https://github.com/wolk-1024/WoW64Utils
  • https://github.com/dadas190/Heavens-Gate-2.0
  • https://github.com/leecher1337/ntvdmx64
  • https://github.com/hyzhangzhy/WindowX
  • https://github.com/georgenicolaou/HeavenInjector
  • https://github.com/georgenicolaou/W64oWoW64
  • https://github.com/Rprop/X86Call
  • https://github.com/rwfpl/rewolf-wow64ext
  • https://github.com/ovidiuvio/libntdbg
  • https://github.com/haidragon/x86tox64
  • https://github.com/3gstudent/CreateRemoteThread
  • https://github.com/RaMMicHaeL/Textify

anti autorun

  • https://github.com/analyst004/autorun

anti dll inject

  • https://0cch.com/2015/04/10/e998b2e6ada2global-windows-hookse6b3a8e585a5e79a84e4b880e4b8aae696b9e6b395/ (global hook)
  • https://blog.csdn.net/songjinshi/article/details/7808561 (message hook)
  • https://blog.csdn.net/songjinshi/article/details/7808624 (message hook)
  • https://github.com/mq1n/DLLThreadInjectionDetector
  • https://github.com/analyst004/antinject
  • https://github.com/ExpLife/BotKiller

load Dll from memory

  • https://github.com/hasherezade/module_overloading
  • https://github.com/UserExistsError/DllLoaderShellcode
  • https://github.com/jnastarot/native_peloader
  • https://github.com/fancycode/MemoryModule
  • https://github.com/strivexjun/MemoryModulePP

Unpack dll load in runtime

  • https://github.com/1ce0ear/DllLoaderUnpacker

dll hijack

  • https://github.com/Cybereason/siofra (identify and exploit)
  • https://github.com/anhkgg/SuperDllHijack
  • https://github.com/strivexjun/AheadLib-x86-x64
  • https://github.com/zeffy/proxydll_template

com hijack

  • https://github.com/leoloobeek/COMProxy
  • https://github.com/enigma0x3/MessageBox

anti dll hijack

  • https://github.com/fortiguard-lion/anti-dll-hijacking

process hollowing

  • https://github.com/xfgryujk/InjectExe
  • https://github.com/m0n0ph1/Basic-File-Crypter
  • https://github.com/Spajed/processrefund
  • https://github.com/KernelMode/Process_Doppelganging
  • https://github.com/hasherezade/process_doppelganging
  • https://github.com/m0n0ph1/Process-Hollowing
  • https://github.com/KernelMode/RunPE-ProcessHollowing
  • https://github.com/KernelMode/RunPE_Detecter

pe loader

  • https://github.com/FrankStain/pe-loader
  • https://github.com/VideoCardGuy/PELoader

memory pe dumper

  • https://github.com/glmcdona/Process-Dump

dll map detection

  • https://github.com/vmcall/MapDetection

dll to shellcode

  • https://github.com/w1nds/dll2shellcode

dll to exe

  • https://github.com/hasherezade/dll_to_exe

hide process

  • https://github.com/M00nRise/ProcessHider

hide & delete dll

  • https://github.com/strivexjun/HideDll
  • https://github.com/wyyqyl/HideModule

load driver from memory

  • https://github.com/ZhuHuiBeiShaDiao/DriverMaper
  • https://github.com/fadetrack/KernelMemoryModule (Enable Exception)
  • https://github.com/not-wlan/driver-hijack
  • https://github.com/Professor-plum/Reflective-Driver-Loader

bypass memory scanner

  • https://github.com/Microwave89/rtsectiontest

KeUserModeCallBack

  • https://github.com/Sqdwr/KeUserModeCallBack

callback

  • https://github.com/OSRDrivers/kmexts (callbacks)
  • https://github.com/godaddy/procfilter (yara-integrated)
  • https://github.com/McSimp/unfairplay
  • https://github.com/jjdredd/procsentinel (verify the address space of a process)
  • https://github.com/SanseoLab/simpleAVdriver
  • https://github.com/SanseoLab/ProcLogger
  • https://github.com/notscimmy/libelevate
  • https://github.com/ZhuHuiBeiShaDiao/ObRegisterCallBacksByPass
  • https://github.com/Sqdwr/RemoveCallBacks
  • https://github.com/JKornev/hidden
  • https://github.com/binbibi/CallbackEx
  • https://github.com/swwwolf/cbtest
  • https://github.com/nmgwddj/Learn-Windows-Drivers
  • https://github.com/SamLarenN/CallbackDisabler

usb filter

  • https://github.com/GoodstudyChina/USBlocker

sfilter

  • https://github.com/haidragon/sfilter

minifilter

  • https://github.com/lxt1045/FileLogger
  • https://github.com/vitalikpi/FileWall
  • https://github.com/Mermeze/System-Monitor
  • https://github.com/cn505240/lightweight-reactive-snapshot-service
  • https://github.com/aviadyifrah/NAGuard
  • https://github.com/y0n0622/DriversCode
  • https://github.com/NotSurprised/MiniLogger
  • https://github.com/hidd3ncod3s/hipara
  • https://github.com/NtRaiseHardError/Providence
  • https://github.com/maaaaz/mimicertz
  • https://github.com/MUmesha/SecureFile
  • https://github.com/anystayisjk/WordEncrypt
  • https://github.com/anystayisjk/EncryptEngine
  • https://github.com/yedushusheng/FileEncryption
  • https://github.com/JokerMars/engine
  • https://github.com/icedxu/Monitor
  • https://github.com/smartinm/diskcryptor (disk encrypt)
  • https://github.com/hedgeh/SEWindows (HIPS)
  • https://github.com/474172261/DataProtector
  • https://github.com/CynicalApe/Minifilter-CSHARP-ConsoleApp
  • https://github.com/NtRaiseHardError/Anti-Delete (File anti delete)
  • https://github.com/Randomize163/FSDefender
  • https://github.com/ETEFS/ETEFS_Mini
  • https://github.com/gfleury/ProtegeDados_ProjetoFinal
  • https://github.com/denisvieriu/Portable-Executable-Minifilter-Driver
  • https://github.com/surajfale/passthrough-minifilter-driver
  • https://github.com/louk78/Virgo
  • https://github.com/tandasat/Scavenger
  • https://github.com/dubeyprateek/HideFiles
  • https://github.com/aleksk/LazyCopy
  • https://github.com/guidoreina/minivers
  • https://github.com/idkwim/mfd
  • https://github.com/Coxious/Antinvader
  • https://github.com/fishfly/X70FSD
  • https://github.com/ExpLife/BKAV.Filter

anti Ransomware

  • https://github.com/NtRaiseHardError/Antimalware-Research
  • https://github.com/clavis0x/AntiRansomware
  • https://github.com/DecryptoniteTeam/Decryptonite
  • https://github.com/ofercas/ransomware_begone

virtual disk

  • https://github.com/zhaozhongshu/winvblock_vs
  • https://github.com/yogendersolanki91/Kernel-Driver-Example

virtual file system

  • https://github.com/ufrisk/MemProcFS (The Memory Process File System)
  • https://github.com/TanninOne/usvfs
  • https://github.com/ExpLife/CodeUMVFS
  • https://github.com/yogendersolanki91/ProcessFileSystem
  • https://github.com/BenjaminKim/dokanx

lpc

  • https://github.com/avalon1610/LPC

alpc

  • https://github.com/LoukaMB/Beacon
  • https://github.com/avalon1610/ALPC

lsp/spi

  • https://github.com/TinkerBravo/SPIRemove
  • https://github.com/AnwarMohamed/Packetyzer

afd

  • https://github.com/xiaomagexiao/GameDll
  • https://github.com/DeDf/afd
  • https://github.com/a252293079/NProxy

tdi

  • https://github.com/wanttobeno/wmifilter
  • https://github.com/xue-blood/adfilter
  • https://github.com/alex9191/NetDriver (send & receive HTTP requests)
  • https://github.com/alex9191/ZeroBank-ring0-bundle
  • https://github.com/Sha0/winvblock
  • https://github.com/michael4338/TDI
  • https://github.com/cullengao/tdi_monitor
  • https://github.com/uniking/TDI-Demo
  • https://github.com/codereba/netmon

wfp

  • https://github.com/gifur/NetworkMnt
  • https://github.com/guidoreina/http_inspect
  • https://github.com/ZhanLang/netmonsys
  • https://github.com/reinhardvz/enumwfp
  • https://github.com/BOT-Man-JL/WFP-Traffic-Redirection-Driver
  • https://github.com/henrypp/simplewall
  • https://github.com/dfct/PortMapper (Port Map)
  • https://github.com/TinkerBravo/WFPKit
  • https://github.com/Arno0x/DivertTCPconn
  • https://github.com/mullvad/libwfp
  • https://github.com/ss-abramchuk/OpenVPNAdapter/blob/f016614ed3dec30672e4f1821344b7992825a98d/OpenVPN%20Adapter/Vendors/openvpn/openvpn/tun/win/wfp.hpp
  • https://github.com/itari/vapu
  • https://github.com/ValdikSS/GoodbyeDPI
  • https://github.com/basil00/Divert
  • https://github.com/WPO-Foundation/win-shaper
  • https://github.com/raymon-tian/WFPFirewall
  • https://github.com/killbug2004/HashFilter
  • https://docs.microsoft.com/zh-cn/windows-hardware/drivers/network/porting-packet-processing-drivers-and-apps-to-wfp
  • https://github.com/thecybermind/ipredir

ndis

  • https://github.com/pr0v3rbs/MalSiteBlocker
  • https://github.com/Beamer-LB/netmap/tree/stable/WINDOWS
  • https://github.com/ndemarinis/ovs/tree/22a1ba42f8137cd3532b54880b19b51d4b87440d/datapath-windows/ovsext
  • https://github.com/markjandrews/CodeMachineCourse/tree/5473d4ea808791c2a048f2c8c9c86f011a6da5e8/source/kerrkt.labs/labs/NdisLwf
  • https://github.com/openthread/openthread/tree/master/examples/drivers/windows
  • https://github.com/Hartigan/Firewall
  • https://github.com/zy520321/ndis-filter
  • https://github.com/yuanmaomao/NDIS_Firewall
  • https://github.com/SoftEtherVPN/Win10Pcap
  • https://github.com/IsoGrid/NdisProtocol
  • https://github.com/lcxl/lcxl-net-loader
  • https://www.ntkernel.com/windows-packet-filter/
  • https://github.com/michael4338/NDIS
  • https://github.com/IAmAnubhavSaini/ndislwf
  • https://github.com/OpenVPN/tap-windows6
  • https://github.com/SageAxcess/pcap-ndis6
  • https://github.com/uniking/NDIS-Demo
  • https://github.com/mkdym/NDISDriverInst
  • https://github.com/debugfan/packetprot
  • https://github.com/Iamgublin/NDIS6.30-NetMonitor
  • https://github.com/nmap/npcap
  • https://github.com/Ltangjian/FireWall
  • https://github.com/Microsoft/Windows-driver-samples/tree/master/network/config/bindview
  • https://github.com/brorica/http_inject (winpcap)

game accelerator

  • https://github.com/NetchX/Netch

wsk

  • https://github.com/adrianyy/rw_socket_driver
  • https://github.com/wbenny/KSOCKET
  • https://github.com/xalley/WskHttp
  • https://github.com/reinhardvz/wsk
  • https://github.com/akayn/kbMon
  • https://github.com/02strich/audionet
  • https://github.com/mestefy/securityplus
  • https://github.com/skycipher/CNGProvider

rootkits

  • https://github.com/Mr-Un1k0d3r/SCShell
  • https://github.com/realoriginal/doublepulsar-poc
  • https://github.com/zouxianyu/PhysicalMemoryRW
  • https://github.com/zouxianyu/KernelHiddenExecute
  • https://github.com/isoadam/gina_public
  • https://github.com/GayPig/driverless-basic-driver
  • https://github.com/zerosum0x0/smbdoor
  • https://github.com/Alex3434/wmi-static-spoofer
  • https://github.com/KIDofot/BypassDriverDetection_And_Kill360Process
  • https://github.com/longmode/UTKModule
  • https://github.com/nkga/cheat-driver (read/write memory of arbitrary processes)
  • https://github.com/lantaoxu/HWIDFaker (hwid fake)
  • https://github.com/zerosum0x0/puppetstrings
  • https://github.com/Synestraa/Highcall-Library (Highcall)
  • https://github.com/Microwave89/drvtricks
  • https://github.com/Psychotropos/xhunter1_privesc (XIGNCODE3)
  • https://github.com/ionescu007/r0ak (RWE)
  • https://github.com/cyberweapons/cyberweapons
  • https://github.com/huoji120/AV-Killer
  • https://github.com/Sqdwr/DeleteFile
  • https://github.com/Sqdwr/DeleteFileByCreateIrp
  • https://github.com/Mattiwatti/PPLKiller
  • https://github.com/bfosterjr/ci_mod
  • https://github.com/HoShiMin/EnjoyTheRing0
  • https://github.com/hfiref0x/ZeroAccess
  • https://github.com/hackedteam/driver-win32
  • https://github.com/hackedteam/driver-win64
  • https://github.com/csurage/Rootkit
  • https://github.com/bowlofstew/rootkit.com
  • https://github.com/Nervous/GreenKit-Rootkit
  • https://github.com/bytecode-77/r77-rootkit
  • https://github.com/Cr4sh/WindowsRegistryRootkit
  • https://github.com/Alifcccccc/Windows-Rootkits
  • https://github.com/Schnocker/NoEye
  • https://github.com/christian-roggia/open-myrtus
  • https://github.com/Cr4sh/DrvHide-PoC
  • https://github.com/mstefanowich/SquiddlyDiddly2
  • https://github.com/MalwareTech/FakeMBR
  • https://github.com/Cr4sh/PTBypass-PoC
  • https://github.com/psaneme/Kung-Fu-Malware
  • https://github.com/hasherezade/persistence_demos
  • https://github.com/MinhasKamal/TrojanCockroach
  • https://github.com/akayn/kbMon

mbr

  • https://github.com/Cisco-Talos/MBRFilter

bootkits

  • https://github.com/DeviceObject/rk2017
  • https://github.com/DeviceObject/ChangeDiskSector
  • https://github.com/DeviceObject/Uefi_HelloWorld
  • https://github.com/DeviceObject/ShitDrv
  • https://github.com/DeviceObject/DarkCloud
  • https://github.com/nyx0/Rovnix
  • https://github.com/MalwareTech/TinyXPB
  • https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit
  • https://github.com/NextSecurity/Gozi-MBR-rootkit
  • https://github.com/NextSecurity/vector-edk
  • https://github.com/ahixon/booty

uefi/smm

  • https://github.com/DeviceObject/Uefi_HelloWorld
  • https://github.com/LongSoft/UEFITool
  • https://github.com/dude719/UEFI-Bootkit
  • https://github.com/quarkslab/dreamboot
  • https://github.com/gyje/BIOS_Rootkit
  • https://github.com/scumjr/the-sea-watcher
  • https://github.com/zhuyue1314/stoned-UEFI-bootkit
  • https://github.com/hackedteam/vector-edk
  • https://github.com/Cr4sh/SmmBackdoor
  • https://github.com/Cr4sh/PeiBackdoor
  • https://github.com/Cr4sh/fwexpl

bootloader

  • https://github.com/apriorit/custom-bootloader

smc

  • https://github.com/marcusbotacin/Self-Modifying-Code

anti debug

  • https://github.com/sharepub/CheckVM-Sandbox
  • https://github.com/nihilboy/anti
  • https://github.com/atlantis2013/Evasion-Tools
  • https://github.com/AlicanAkyol/sems
  • https://github.com/strivexjun/XAntiDebug
  • https://github.com/marcusbotacin/Anti.Analysis
  • https://github.com/LordNoteworthy/al-khaser
  • https://github.com/eschweiler/ProReversing

crypters

  • https://github.com/m0n0ph1/FileCrypter
  • https://github.com/iGh0st/Crypters

malware

  • https://github.com/InQuest/malware-samples
  • https://github.com/mstfknn/malware-sample-library
  • https://github.com/Darkabode/possessor
  • https://github.com/Darkabode/zerokit
  • https://github.com/NYAN-x-CAT/AsyncRAT-C-Sharp (C#)
  • https://github.com/zerosum0x0/koadic (JScript RAT)
  • https://github.com/malwaredllc/bamf
  • https://github.com/malwaredllc/byob (py)
  • https://github.com/fereh/tacekit
  • https://github.com/eset/malware-ioc
  • https://github.com/lianglixin/RemoteControl-X3
  • https://github.com/Souhardya/UBoat (HTTP)
  • https://github.com/malwares/Botnet
  • https://github.com/RafaelGSS/HyzMall
  • https://github.com/DeadNumbers/Pegasus
  • https://github.com/mdsecactivebreach/SharpShooter
  • https://github.com/mwsrc/XtremeRAT
  • https://github.com/mwsrc/Schwarze-Sonne-RAT (delphi)
  • https://github.com/Mr-Un1k0d3r/ThunderShell (powershell)
  • https://github.com/DimChris0/LoRa
  • https://github.com/marcusbotacin/Malware.Multicore
  • https://github.com/bxlcity/malware
  • https://github.com/grcasanova/SuperVirus
  • https://github.com/hackedteam/core-win32
  • https://github.com/hackedteam/scout-win
  • https://github.com/hackedteam/vector-dropper

EternalBlue && Doublepulsar && Mine

  • https://github.com/xmrig/xmrig
  • https://github.com/TolgaSEZER/EternalPulse

shellcode analysis

  • https://github.com/OALabs/BlobRunner

malware analysis

  • https://github.com/G4rb3n/Malware-Killer
  • https://github.com/G4rb3n/Malware-Picture
  • https://github.com/a232319779/mmdt
  • https://github.com/Formyown/Alesense-Antivirus (nice demo)
  • https://github.com/ctxis/capemon (Config And Payload Extraction)
  • https://github.com/tdevuser/MalwFinder
  • https://github.com/MalwareCantFly/Vba2Graph
  • https://github.com/unexpectedBy/Automated-Malware-Analysis-List
  • https://github.com/wchen-r7/amsiscanner (Microsoft’s Antimalware Scan Interface)
  • https://github.com/kevthehermit/RATDecoders
  • https://github.com/marcusbotacin/Malware.Variants
  • https://github.com/marcusbotacin/Hardware-Assisted-AV
  • https://github.com/gentilkiwi/spectre_meltdown
  • https://github.com/gentilkiwi/wanadecrypt
  • https://github.com/bloomer1016
  • https://github.com/CHEF-KOCH/malware-research
  • https://github.com/gentilkiwi/wanakiwi

av evasion

  • https://github.com/huoji120/Antivirus_R3_bypass_demo
  • https://github.com/paranoidninja/CarbonCopy

arktools

  • https://github.com/mohuihui/antispy
  • https://github.com/DavidXanatos/TaskExplorer
  • https://github.com/BlackINT3/OpenArk
  • https://github.com/basketwill/Sysmon_reverse
  • https://github.com/ZhuHuiBeiShaDiao/KernelHooksDetection_x64
  • https://github.com/AxtMueller/Windows-Kernel-Explorer
  • https://github.com/hedgeh/SEWindows (doc:hedgeh.github.io/startup.html)
  • https://github.com/glmcdona/MALM
  • https://github.com/ahmad-siavashi/Ana-Process-Explorer
  • https://github.com/alex9191/KernelModeMonitor
  • https://github.com/marcosd4h/memhunter
  • https://github.com/gleeda/memtriage
  • https://github.com/KernelMode/Process_Dop
  • https://github.com/hm200958/kmdf–analyse
  • https://github.com/AzureGreen/WinNT-Learning
  • https://github.com/marcusbotacin/BranchMonitoringProject
  • https://github.com/AzureGreen/ArkProtect
  • https://github.com/AzureGreen/ArkToolDrv
  • https://github.com/HollyDi/PCAssistant
  • https://github.com/ChengChengCC/Ark-tools
  • https://github.com/swatkat/arkitlib
  • https://github.com/swwwolf/wdbgark
  • https://github.com/zibility/Anti-Rootkits
  • https://github.com/SLAUC91/AntiCheat
  • https://github.com/sincoder/A-Protect
  • https://github.com/apriorit/antirootkit-anti-splicer
  • https://github.com/kedebug/ScDetective
  • https://github.com/PKRoma/ProcessHacker
  • https://github.com/AndreyBazhan/DbgExt
  • https://github.com/comaeio/SwishDbgExt
  • https://github.com/ExpLife/atomic-red-team
  • https://github.com/shenghe/pcmanager
  • https://github.com/lj1987new/guardlite
  • https://github.com/hackshields/antivirus/
  • https://github.com/AntiRootkit/BDArkit

bypass patchguard

  • https://github.com/can1357/ByePg
  • https://github.com/zzhouhe/PG1903
  • https://github.com/9176324/Shark
  • https://github.com/hfiref0x/UPGDSED
  • https://github.com/tandasat/PgResarch
  • https://github.com/killvxk/DisableWin10PatchguardPoc
  • https://github.com/tandasat/findpg
  • https://github.com/zer0mem/HowToBoostPatchGuard
  • https://bbs.pediy.com/thread-214582.htm

bypass dse

  • https://github.com/alxbrn/gdrv-loader
  • https://github.com/Mattiwatti/EfiGuard
  • https://github.com/hfiref0x/TDL
  • https://github.com/hfiref0x/DSEFix

HackSysExtremeVulnerableDriver

  • https://github.com/redogwu/windows_kernel_exploit
  • https://github.com/mgeeky/HEVD_Kernel_Exploit
  • https://www.fuzzysecurity.com/tutorials.html
  • https://rootkits.xyz/blog/
  • https://github.com/hacksysteam/HackSysExtremeVulnerableDriver
  • https://github.com/k0keoyo/HEVD-Double-Free-PoC
  • https://github.com/k0keoyo/HEVD-Arbitrary-Overwrite-Exploit-Win10-rs3
  • https://github.com/tekwizz123/HEVD-Exploit-Solutions
  • https://github.com/k0keoyo/try_exploit
  • https://github.com/Cn33liz/HSEVD-VariousExploits
  • https://github.com/Cn33liz/HSEVD-StackOverflow
  • https://github.com/Cn33liz/HSEVD-StackOverflowX64
  • https://github.com/Cn33liz/HSEVD-StackCookieBypass
  • https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteGDI
  • https://github.com/Cn33liz/HSEVD-StackOverflowGDI
  • https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL
  • https://github.com/Cn33liz/HSEVD-ArbitraryOverwrite
  • https://github.com/akayn/demos

windows exploits

  • https://github.com/NAXG/cve_2019_0708_bluekeep_rce (RDP)
  • https://github.com/wchen-r7/VulnCases (cases)
  • https://github.com/rockmelodies/CVE-2019-0708-Exploit (RDP)
  • https://github.com/admintony/svnExploit
  • https://github.com/smgorelik/Windows-RCE-exploits
  • https://github.com/WindowsExploits/Exploits
  • https://github.com/codewhitesec/UnmarshalPwn
  • https://github.com/shellphish/how2heap
  • https://github.com/externalist/exploit_playground
  • https://github.com/cervoise/Abuse-bash-for-windows

windows kernel exploits

  • https://github.com/SouhailHammou/Drivers (ATP bypass)
  • https://www.unknowncheats.me/forum/anti-cheat-bypass/334557-vulnerable-driver-megathread.html?nsukey=CkSGplDUMAWaGbr8btXXDeNqNyzCau83773dZHbUgTD2KbfFsN4ReqwwjwB1TE2jjUz0HHSUQSrvX7JZ%2BtA0RPQFg5pWsGwlyCVT6EW1cF8Y%2BDfa%2Fd8KHdi%2FFG5mj6oTcKaCfR%2BQmUANoXeWHbzursQ68JQdcT5zfCKwgR7ZutAla5N%2FHH8448BpwB4nKJuBB0ns7Ex0vVB7O8j%2BkcFaug%3D%3D
  • https://github.com/n3k/EKOParty2015_Windows_SMEP_Bypass (SMEP bypass)
  • https://github.com/saaramar/execve_exploit (WSL)
  • https://github.com/siberas/CVE-2016-3309_Reloaded
  • https://github.com/moccajoghurt/drvmap_secure
  • https://github.com/fishstiqz/poolinfo
  • https://github.com/cbayet/Exploit-CVE-2017-6008
  • https://github.com/cbayet/PoolSprayer (pool spray)
  • https://github.com/DownWithUp/CVE-2018-15499 (race condition)
  • https://github.com/SandboxEscaper/randomrepo (win10 LPE)
  • https://github.com/jackson5-sec/TaskSchedLPE (LPE)
  • https://github.com/HarsaroopDhillon/AHNLab-0day (LPE)
  • https://github.com/paranoidninja/Pandoras-Box
  • https://github.com/MarkHC/HandleMaster
  • https://github.com/can1357/physical_mem_controller
  • https://github.com/can1357/safe_capcom
  • https://github.com/can1357/CVE-2018-8897
  • https://github.com/JeremyFetiveau/Exploits
  • https://github.com/hfiref0x/Stryker
  • https://github.com/swwwolf/obderef
  • https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS
  • https://github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC
  • https://github.com/k0keoyo/Driver-Loaded-PoC
  • https://github.com/k0keoyo/try_exploit
  • https://github.com/k0keoyo/CVE-2015-2546-Exploit
  • https://github.com/k0keoyo/Dark_Composition_case_study_Integer_Overflow
  • https://github.com/tinysec/vulnerability
  • https://github.com/akayn/demos
  • https://github.com/abatchy17/WindowsExploits
  • https://github.com/recodeking/WindowsExploitation
  • https://github.com/GDSSecurity/Windows-Exploit-Suggester
  • https://github.com/rwfpl/rewolf-pcausa-exploit
  • https://github.com/ratty3697/HackSpy-Trojan-Exploit
  • https://github.com/SecWiki/windows-kernel-exploits
  • https://github.com/sensepost/ms16-098
  • https://github.com/shjalayeri/sysret
  • https://github.com/sam-b/windows_kernel_resources
  • https://github.com/sensepost/gdi-palettes-exp
  • https://github.com/ExpLife/ByPassCfg
  • https://github.com/Rootkitsmm/WinIo-Vidix
  • https://github.com/andrewkabai/vulnwindrv
  • https://github.com/mwrlabs/CVE-2016-7255
  • https://github.com/SamLarenN/CapcomDKOM
  • https://github.com/zerosum0x0/puppetstrings
  • https://github.com/zerosum0x0/ShellcodeDriver
  • https://github.com/progmboy/kernel_vul_poc
  • https://github.com/rwfpl/rewolf-msi-exploit
  • https://github.com/Rootkitsmm/Win10Pcap-Exploit
  • https://github.com/Rootkitsmm/MS15-061
  • https://github.com/Rootkitsmm/cve-2016-0040
  • https://github.com/Rootkitsmm/CVEXX-XX
  • https://github.com/Trietptm-on-Security/bug-free-adventure
  • https://github.com/sam-b/CVE-2014-4113
  • https://github.com/Rootkitsmm/OpenVpn-Pool-Overflow
  • https://github.com/Rootkitsmm/UnThreatAVDriver-DOS
  • https://github.com/Cr4sh/ThinkPwn
  • https://github.com/hfiref0x/CVE-2015-1701
  • https://github.com/tyranid/windows-logical-eop-workshop
  • https://github.com/google/sandbox-attacksurface-analysis-tools
  • https://github.com/tyranid/ExploitRemotingService
  • https://github.com/tyranid/DeviceGuardBypasses
  • https://github.com/tyranid/ExploitDotNetDCOM
  • https://github.com/hatRiot/token-priv (EOP)
  • https://github.com/weizn11/MS17010_AllInOne
  • https://github.com/TeskeVirtualSystem/MS17010Test

LPE

  • https://github.com/itm4n/UsoDllLoader
  • https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation
  • https://github.com/AlessandroZ/BeRoot
  • https://github.com/HackerPide/The-Division-Bypass (division bypass)
  • https://github.com/khr0x40sh/WhiteListEvasion
  • https://github.com/ohpe/juicy-potato
  • https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897
  • https://github.com/codewhitesec/UnmarshalPwn
  • https://ohpe.github.io/juicy-potato/

linux exploit

  • https://github.com/Lazenca/Exploit-tech
  • https://github.com/Lazenca/Kernel-exploit-tech

office exploit

  • https://github.com/houjingyi233/office-exploit-case-study
  • https://github.com/rxwx/CVE-2017-8570

flash exploit

  • https://github.com/brianwrf/CVE-2017-4878-Samples

sandbox

  • https://github.com/taiFansou/Proteibox

sandbox escape

  • https://github.com/b4rtik/ATPMiniDump
  • https://github.com/ray-cp/vm-escape
  • https://github.com/xairy/vmware-exploitation
  • https://github.com/649/Chrome-Sandbox-Exploit
  • https://github.com/SilverMoonSecurity/SandboxEvasion
  • https://github.com/exAphex/SandboxEscape
  • https://github.com/Fel0ny/Sandbox-Detection
  • https://github.com/CheckPointSW/InviZzzible
  • https://github.com/MalwareTech/AppContainerSandbox
  • https://github.com/tyranid/IE11SandboxEscapes
  • https://github.com/google/sandbox-attacksurface-analysis-tools
  • https://github.com/conix-security/zer0m0n
  • https://github.com/iceb0y/windows-container
  • https://github.com/s7ephen/SandKit
  • https://github.com/D4Vinci/Dr0p1t-Framework
  • https://github.com/cryptolok/MorphAES
  • https://github.com/mtalbi/vm_escape
  • https://github.com/unamer/vmware_escape
  • https://github.com/erezto/lua-sandbox-escape
  • https://github.com/brownbelt/Edge-sandbox-escape
  • https://github.com/shakenetwork/vmware_escape
  • https://github.com/Cr4sh/prl_guest_to_host

anti exploit

  • https://github.com/shjalayeri/Pwnypot
  • https://github.com/shjalayeri/MCEDP
  • https://github.com/Empier/Anti-Exploit

cve

  • https://github.com/apt69/COMahawk
  • https://github.com/DownWithUp/CVE-Stockpile
  • https://github.com/badd1e/Disclosures
  • https://github.com/Barakat/CVE-2