Windows 10 Creators Update 32-bit execution of ring-0 code from NULL page via NtQuerySystemInformation (class 185, Warbird functionality)
Radare2 Explorations：This book aims to cover the practical aspects of using the extensive reverse engineering framework, radare2.
tools kernelpop is a framework for performing automated kernel exploit enumeration on Linux, Mac, and Windows hosts.
tools IFR Extractor LS v0.2：Utility to extract the internal forms representation from both EFI and UEFI drivers/applications into human readable text file.
tools Ropper：display information about files in different file formats and you can find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC).
tools Office-DDE-Payloads：Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.
tools heads- A minimal Linux that runs as a coreboot ROM payload to provide a secure, flexible boot environment for laptops and servers.
tools VolatilityBot is an automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis investigation.