Organizations

@SecurityArtWork

EDR Lab for Experimentation Purposes

C++ 1,439 152 Updated Mar 1, 2026

Collect Windows telemetry for Maldev

C++ 471 56 Updated Apr 25, 2026

Live ETW-TI event viewer for Windows kernel threat-intelligence telemetry. Research tool for exploring the same signals commercial EDRs rely on.

C++ 139 20 Updated Apr 15, 2026

Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

Rust 540 56 Updated Mar 24, 2026

Windows Analysis and Research Toolkit

C++ 414 50 Updated Apr 28, 2026

Call Tree Overviewer

Python 401 40 Updated Aug 15, 2025

Model Context Protocol for WinDBG

Python 1,255 118 Updated Apr 13, 2026

Incident Response & Digital Forensics Debugging Extension

C++ 395 97 Updated Dec 11, 2018

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

C 2,994 580 Updated Feb 24, 2025

Course materials for Modern Binary Exploitation by RPISEC

C 5,967 907 Updated Dec 9, 2021

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

C++ 1,816 162 Updated Apr 16, 2026

Lightweight PoC enumerating processes and reading remote PEBs for triage and research.

C++ 3 Updated Sep 26, 2025

Concise, hands-on Windows internals, exploitation notes and detection playbooks.

3 Updated Sep 26, 2025

Windows-focused research covering malware, development, anti-detection, exploits, and CTFs.

Python 2 Updated Sep 26, 2025

Winners of the International Obfuscated C Code Contest

HTML 1,188 83 Updated Apr 24, 2026

Centralized resource for listing and organizing known injection techniques and POCs

697 77 Updated Feb 1, 2026

For educational purposes only, exhaustive samples of 500+ classic/modern trojan builders including screenshots.

3,835 887 Updated Apr 27, 2026

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

PowerShell 8,595 1,089 Updated Mar 20, 2026

Open-source Windows and Office activator featuring HWID, Ohook, TSforge, and Online KMS activation methods, along with advanced troubleshooting.

Batchfile 173,382 16,655 Updated Apr 17, 2026

The Minimalistic x86/x64 API Hooking Library for Windows

C 5,715 1,051 Updated Nov 3, 2025

A tutorial on how to write a packer for Windows!

C 311 31 Updated Dec 15, 2023

Notes on using the Python bindings for the Unicorn Engine

86 8 Updated Feb 14, 2020

Inject DLLs into the explorer process using icons

C++ 407 50 Updated May 18, 2025

Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) passed into AMSI during dynamic execution.

C++ 113 15 Updated Apr 20, 2021

High Octane Triage Analysis

Python 841 80 Updated Apr 25, 2026

Script to remove Windows 10 bloatware.

PowerShell 18,813 2,072 Updated Mar 10, 2023

IDA Pro plugin that implements more user-friendly register and stack views

Python 765 60 Updated Oct 31, 2025

BlackLotus UEFI Windows Bootkit

C 2,211 473 Updated Mar 28, 2024

pefile is a Python module to read and work with PE (Portable Executable) files

Python 2,036 539 Updated Apr 24, 2026

Red Teaming Tactics and Techniques

PowerShell 4,578 1,131 Updated Aug 22, 2024