Discover @tandasat Open Source projects

Satoshi Tanda (@tandasat)

tandasat

Stars
8,144
Global Rank 2,757 (Top 0.1 %)
Followers 1,572
Following 1
Registered about 12 years ago
Most used languages

C++
54.9 %

C
19.6 %

C#
5.9 %

Rust
5.9 %

Python
3.9 %

HTML
2.0 %

Vim Script
2.0 %

Java
2.0 %

JavaScript
2.0 %

Ruby
2.0 %
Location 🇨🇦 Canada
Country Total Rank 117
Country Ranking

C++
2

C
21

Rust
32

C#
149

Python
449

Vim Script
548

HTML
682

JavaScript
975

Ruby
1,465

Java
4,316

HyperPlatform

Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.

DdiMon

Monitoring and controlling kernel API calls with stealth hook using EPT

Hypervisor-101-in-Rust

The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.

MiniVisorPkg

The research UEFI hypervisor that supports booting an operating system.

SimpleSvmHook

SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.

PgResarch

PatchGuard Research

SimpleSvm

A minimalistic educational hypervisor for Windows on AMD processors.

ExploitCapcom

This is a standalone exploit for a vulnerable feature in Capcom.sys

MemoryMon

Detecting execution of kernel memory where is not backed by any image file

DotNetHooking

Sample use cases of the .NET native code hooking technique

scripts_for_RE

Python scripts for reverse engineering.

GuardMon

Hypervisor based tool for monitoring system register accesses.

UefiVarMonitor

The runtime DXE driver monitoring access to the UEFI variables by hooking the runtime service table.

SmmExploit

The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.

EopMon

Elevation of privilege detector based on HyperPlatform

Sushi

a Japanese food keeps you sane

findpg

Windbg extension to find PatchGuard pages

UEFI-BIOS-Security

Security Camp 2021 & GCC 2022

hvext

The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.

WinIoCtlDecoder

IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.

HelloSmm

This is an instruction to run your own SMM code.

DebugLogger

A software driver that lets you log kernel-mode debug output into a file on Windows.

WPBT-Builder

The simple UEFI application to create a Windows Platform Binary Table (WPBT) from the UEFI shell.

FU_Hypervisor

A hypervisor hiding user-mode memory using EPT

CVE-2023-36427

Report and exploit of CVE-2023-36427

kraft_dinner

Tool to dump UEFI runtime drivers implementing runtime services for Windows

HelloAmdHvPkg

HelloAmdHvPkg is a type-1 research hypervisor for AMD processors.

Hello-VT-rp

A simple hypervisor demonstrating the use of the Intel VT-rp (redirect protection) technology.

RemoteWriteMonitor

A tool to help malware analysts tell that the sample is injecting code into other process.

Scavenger

A minifilter driver preserves all modified and deleted files.

meow

HelloIommuPkg

The sample DXE runtime driver demonstrating how to program DMA remapping.

DumpVTable

Generates a Python script to give public interface names in an ActiveX file to an IDB file.

DrvLoader

A command line tool to load and unload a device driver.

CVE-2022-25949

A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.

cs_driver

A sample project for using Capstone from a driver in Visual Studio 2015

CVE-2014-0816

CVE-2024-21305

Report and exploit of CVE-2024-21305.

hyperplatform_log_parser

User-mode program parsing logs created by HyperPlatform

tandasat.github.io

ProjectLoadTimeMonitor

The Visual Studio extension that measures load time of each project when a solution file is opened.

CheckSDL

A tool evaluates security configurations of a given PE based on SDL without source code

ListWorkItems

Lists work items being queued currently.

DeviceOpener

A command line tool to check if a specified device is accessible.

windbg_init

Windbg Init Script

win32_debugout

Shows debug strings on DebubView from an attached process by win32_remote.exe.

ping_vmm

A user-mode program knocking at HyperPlatform's "backdoor"

List-UEFI-Configuration-Tables

List UEFI Configuration Tables

ScopedResource

Scoped Resource - Generic RAII Wrapper for the Standard Library by Peter Sommerlad and Andrew L. Sandoval

SecRuntimeSample

A sample usege of SecRuntime.dll on Windows Phone

blog

CopyFiles

Copy files onto the IsolatedStorage so that you can download them using IsoStoreSpy.

mylight

Using LED of Samsung Galaxy Ace S5830

tandasat

shared

Manages files that are shared with multiple boxes.