Discover aaaddress1/wowGrail Open Source project

some gadgets about windows process and ready to use :)

763

PR0CESS

571

Skrull

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.

448

Windows-APT-Warfare

著作《Windows APT Warfare：惡意程式前線戰術指南》各章節技術實作之原始碼內容

PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)

379

wowInjector

159

my-Little-Ransomware

easy ransomware module base on csharp.

126

sakeInject

Windows PE - TLS (Thread Local Storage) Injector in C/C++

103

buyHouseAnalyzer

開源台灣房市在線實價登錄分析工具

HTML

wow64Jit

Call 32bit NtDLL API directly from WoW64 Layer

simple compiler based on mingw to build uncrackable windows application against analysis tools

puzzCode

vtMal

Malware Sandbox Emulation in Python @ HITCON 2018

tool for building windows shellcode in C by MinGW

shellDev.py

Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets

xlsKami

SignThief

Windows PE Signature Thief in C++

The Purified Windows 11: without Defender, Updater, Patches, System Health, etc.

The-Purified-Elements

theArk

Windows x86 PE Packer In C++

One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel

ntkrnlProtectScan

PowerShell

HellKitty-In-VC

Ring3 Rootkit Backdoor.

(PoC) Tiny Excel BIFF8 Generator, to Embedded 4.0 Macros in xls files without Excel.

xlsGen

dnLauncher

masqueradeCmdline

A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.

Useful Plugin for IDA to Trace Function Call Tree

knownDlls_Poison

funcTracker

PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts

Win-Exploit-Inject

Windows Injection 101: from Zero to ROP (HITCON 2017)

winInject101

Windows Application Loader Running *.Exe files in Memory against Scrylla

Lexa

CrackShield-MapleStory-Hack

MapleStory Hack Plugin

isuMaster-NodeJS

義守管家線上雲端服務

APCInjector-BYPASS-AV

白癡喔還要下 pip install 誰會用啦—隨開即用 Windows 版 OpenAI Whisper 逐字稿產生器

Whisper.py

Play PokémonGo without hands, Based on Python, and Easy to fix.

PykemonGo

Tiny Windows x86 Assembly Compiler in C++ and Keystone Engine

moska

goodGarena

Garena 競時通順暢開遊戲小補丁

inline hook functions in memory on OSX

OSX-Dyanmic-Hook

NTUSTxTDOH-Reversing-Game

NTUSTxTDOH 2015/11/15~29 Easy Crack Me

Catch All HTTP Request In IE WebBrowser Control In C#

WebBrowser-Control-GET-POST-Request-Hook-In-CSharp

Chakra

Instagram 限時動態自動閱讀器

.NET PE file parser in C/C++

easyChptchaOCR

簡易義守選課驗證碼圖像100%辨識

vodka

Word2Vec written in pure Numpy

Word2Vec.py

Algorithm

一些演算法學習筆記

用CBuilder自幹Win32的除錯器.(搭配WinAPI)

Win32-Debugger

Make stored PkZIP file unarchive in C

PkZIP-Unarchiver-in-C

Dad-sRoot

Easy Process Spy For Windows7 x32bit

a simple CPU0 simulator in C++

cpuZero

Control-Flow-Graph Analysis based on Radare2 In Python3

BiuBiu

A game of TDOHacker at HITCON CMT 2015

how-to-homework

C/C++ Dirty Work

HITCONxTDoH-2015-Crypto-Game

C-CodingStyleHacker-In-CSharp

PE_Toy

praHeapSpray

Heap Spray Practice

engExamSystem-NodeJS

基於 NodeJS 開發的英文克漏字線上測驗系統

hackingWeekend 系列課程的簡報、練習題目內容與實作

hackingWeekend

2015/12/27 台科BOF基礎講課Live Demo程式

NTUSTXTDOH_EasyBofBasic

Get important information of moodle in node.js

m00d1e.js

CIL (MSIL) Disassembler Written In Pure C/C++. Rewrite from Mono Project

disCIL

Control Graph based JIT Engine as PE Packer (Python3 + Radare2 + Keystone)

Ahri

白癡喔，打個 CyberPunk 一直卡中文輸入法怎玩啦？

Xor-BinaryFile-Encrypt-In-CSharp

對二進制文件做簡單的資料變異

FkBBTalk

剃除該死的聊聊

Visual Basic

easyPunk

googMeow

Google Search Ninja based on Python

Dev-C-Homework

以C++Builder開發的會自我更新的POE流亡闇道多開.

Adr-sFB-Release

PoE-Mutli-Game-And-Auto-UpDate

oracle-machine

Virus-Patten-API-Call

Auto Login Bot for CISCO WiFi Web Authentication

WinHTTP-Request-Hijacking-In-CSharp

iWiFi

Swift

CSharp-Hosts-HTTP-Hook

酷狗音樂破解

isuSurvey-Node

義守大學教學意見調查表自動填問卷機器人網站版本(Node.js)

Run-Once-

QACInjector-In-CBuilder

QAC Thread DLL Inector

封裝的CBuilder HTTPs封包處理類別,支持本地儲存Cookie,UA設定

aaaddress1

isuSurvey-v2

義守大學教學意見調查表自動填問卷機器人(C#)

HTTPs-WebClient-In-CBuilder

You can get a randomize index number in pure x86 assembly. I'll finish it as a shellcode one day I think :3

x86-Lottery-Script

DLL-Injector-In-VB.NET

以VB.NET實作CreateThread做LoadLibraryA遠程注入DLL.

Visual Basic

isuBot-in-Swift

義守大學輔助機器人OSX版本（Swift實作）

Swift

ransomware_display

HTML

Dll-Injector-In-CB

a tool with GUI is used to check all digital signature of modules in the process.

Windows-Digital-Signature-Verify-Tool

Isu-Survey-Bot

義守大學教學意願調查表自動填問卷機器人(C++)

Data-Structures-Homework

將指定模組的記憶體名字從PE Header上抹除/替換,但保留模組可存在於進程內存活.

Replace-ModuleInfo-From-PE-In-CB

以VB.NET開發的一套全智能搜索楓之谷線上遊戲記憶體的分析引擎.

AdrEngine-MapleStory-In-VB.NET

Visual Basic

CSharp-Image-Filter

Image Filter (mean filter & median filter) in CSharp

PowerCursor

Auto Move Your Cursor to the Focused Window while You Alt+Tab or Touchboard for Windows

nodeSpiderExam

神選資人百捌寒訓 - Node.js 蟲蟲危機 (爬蟲撰寫開發) 課堂練習範本題目

Dynamic-Process-Image-Info-VC