Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9…

Python game hacking library, adding ease to creating externals

Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode

Build and publish crates with pyo3, cffi and uniffi bindings as well as rust binaries as python packages

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Detailed Instructions on the creation of custom/modified DMA (attack) Firmware based on pcileech-fpga

gxHook decompiler is a program that injects code into a python process and decompiles it from memory which makes it easier to decompile obfuscated programs (for example pyarmor). Decompiler work fo…

BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen

Dectect syscall hooking using eBPF

Linux Runtime Security and Forensics using eBPF

LKM Linux rootkit

Linux Rootkit Scanner

A Linux kernel module which hides itself

windows/linux python cheat for csgo

b43 is the open source driver for 802.11b/g/n family of wireless chips that are produced by Broadcom.

xilinx_cfg

Provides io.ReadWriter interface for a PCIe screamer device

Some gdb scripts to analyze VAC3 under Linux

Detect manualmapped images remotely, without hassle

kernel mode anti cheat

scan system / process integrity

pcileech-fpga with wireless card emulation

Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.

Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)

KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory

Simple proof of concept showing how you can use Discord's in-game internal module to draw on top of the game (even if the game is in fullscreen) from an external application without modifying any D…

Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent

my patches for linux kernel to spoof rdtsc and make vm exit undetected

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

Reversing EasyAntiCheat.