Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Nix

F#

PHP

Swift

Zig

Python

MATLAB

Go

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Clojure

Racket

Ada

Erlang

Dart

Julia

Nix

C

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇯🇪 Jersey

🇨🇱 Chile

🇻🇳 Vietnam

🇳🇦 Namibia

🇸🇪 Sweden

🇸🇧 Solomon Islands

🇹🇷 Türkiye

🇻🇺 Vanuatu

All Countries Compare Countries

can1357/NtRays

Stars
502
Rank 87,851 (Top 2 %)
Language
C++
License
BSD 3-Clause "New...
Created almost 3 years ago
Updated 3 months ago

can1357/NtRays

can1357

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

NtRays

NtRays is a Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

Features

Cleanup of instrumentation and scheduler hinting code.
Lifting of multiple missing instructions.
Lifting of TrapFrame accesses and interrupt/syscall returns.
Inference of KUSER_SHARED_DATA segments.
Lifting of dynamic relocations for page tables and PFN database with LA57 support.
RSB flush lifting in ISRs.
Replacement of KTHREAD/KPROCESS with ETHREAD/EPROCESS in user types, local variables and arguments.

Installation

Simply drop the NtRays64.dll into the plugins folder. Note: IDA 7.6+ is required.

License

NtRays is licensed under BSD-3-Clause License.

NoVmp

A static devirtualizer for VMProtect x64 3.x. powered by VTIL.

ThePerfectInjector

Literally, the perfect injector.

ByePg

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.

CVE-2018-8897

Arbitrary code execution with kernel privileges using CVE-2018-8897.

NtLua

Lua in kernel-mode because why not.

haruspex

Exploration of x86-64 ISA using speculative execution.

linux-pe

COFF and Portable Executable format described using standard C++ with no dependencies.

simple_cnn

Simple Convolutional Neural Network Library

HexSuite

Header only wrapper around Hex-Rays API in C++20.

physical_mem_controller

A library to read physical memory and system-wide virtual memory.

vmware-rpc

Header-only VMWare Backdoor API Implementation & Effortless VMX Patcher for Custom Guest-to-Host RPCs

IdaThemer

🎨 Seamlessly convert your favorite Visual Studio Code themes to IDA Pro themes.

safe_capcom

Capcom wrapper with safety in mind.

xstd

A portable header only library extending the C++20 STL.

hvdetecc

Collection of hypervisor detections

llvm-patches

Personal curation of Clang/LLVM patches.

selene

Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!

troto

TypeScript to Protobuf transpiler.

gengo

Generate Go bindings for shared C libraries.

retro

Experimental static analysis framework.

Myelin

Header-only CUDA accelerated DNN library

turing-incomplete

xedpp

Tiny wrapper around xed API.