Anoop Saldanha's Projects
API Logger for Windows Executables
Various public documents, whitepapers and articles about APT campaigns
🦄 A curated list of awesome resources about vulnerability research
bdvl
ClamAV Development
CobaltStrike's source code
Microsoft Research Detours Package
Archive of leaked Equation Group materials
Examine, a memory leak checker on Windows
Holds the exercise samples used in the book "Malware Analysis and Detection Engineering" - https://www.amazon.com/dp/1484261925
Free bypass runpe WARZONE - NJRAT RAT -- pass 3losh
GNU Libc
Deception Technology for Endpoints
(l)user hunter using WinAPI calls only
Persistent IAT hooking application - based on bearparser. More: http://hasherezade.github.io/IAT_patcher/
Inside Windows Debugging Book Code Samples
Intercept a system call using a loadable kernel module.
Universal web application security sensor intended for real-time monitoring and defense.
Online judge sandbox based on seccomp | Command-line, Java JNI and PHP C extension integrations are needed; contributions welcome
My personal development tree for Ironbee LibHTP
A library to load and manipulate PE files.
A GNU/Linux keylogger that works!
malware source codes
Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.
Leaked Mirai Source Code for Research/IoC Development Purposes
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
The original sources of MS-DOS 1.25 and 2.0, for reference purposes
A feature which lets a driver know when a new driver is loaded in the system.