admin

DuckSandboxDetect

C++ 0 0

沙箱测试,测评国内常见沙箱的代码与结论

Updated 2025-11-24 15:43:11 +08:00

ai-webshell-detect

Python 0 0

机器学习检测webshell

Updated 2025-11-24 15:42:53 +08:00

CowInjecter

C++ 0 0

滥用cow机制进行全局注入

Updated 2025-11-24 15:42:32 +08:00

AI_Aimbot_Detecter

SourcePawn 0 0

AI 检测FPS游戏中的微自瞄

Updated 2025-11-24 15:42:09 +08:00

EAC_Webpanel_1-10-2020

Text 0 0

Updated 2025-11-24 15:41:52 +08:00

efi-memory

C++ 0 0

PoC EFI runtime driver for memory r/w & kdmapper fork

Updated 2025-11-24 15:41:25 +08:00

MiniVisorPkg

C 0 0

The research UEFI hypervisor that supports booting an operating system.

Updated 2025-11-24 15:41:04 +08:00

battleye

C 0 0

battleye shellcode

Updated 2025-11-24 15:40:47 +08:00

pdfwkrnl-exploit

C++ 0 0

abusing signed pdfwkrnl.sys for kernel function calling from usermode.

dkom exploit kernel kernel-exploit pdfwkrnl vulnerable-driver

Updated 2025-11-24 15:40:28 +08:00

driverMapper

C++ 0 0

An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE & PG to map the unsigned driver.

Updated 2025-11-24 15:40:09 +08:00

sleep_duck_eye

C++ 0 0

Stack integrity verification to Detect SleepMask or CallStack Spoofer

Updated 2025-11-24 15:39:44 +08:00

Electron-Security

0 0

用于存储公众号文章的 PDF 版本

Updated 2025-11-24 15:37:42 +08:00

Windows-INCIDENT-RESPONSE-COOKBOOK

Markdown 0 0

Windows 应急响应手册

Updated 2025-11-24 15:36:57 +08:00

Linux-INCIDENT-RESPONSE-COOKBOOK

Markdown 0 0

Linux 应急响应手册

Updated 2025-11-24 15:36:32 +08:00

RmEye

JavaScript 0 0

戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑

edr sysmon threat-hunting

Updated 2025-11-24 09:44:02 +08:00