0vercl0k / udmp-parser-rs
A Rust crate for parsing Windows user minidumps.
☆40Updated 4 months ago
Related projects: ⓘ
- A post-processing script for TinyTracer☆37Updated last year
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.☆33Updated last month
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆110Updated last month
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆33Updated 9 months ago
- Example of building an application verifer DLL☆44Updated 3 months ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆113Updated 2 months ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆86Updated 2 months ago
- ☆25Updated 10 months ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware☆45Updated 2 years ago
- Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers☆35Updated last week
- Winbindex bot to pull in binaries for specific releases☆44Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- Report and exploit of CVE-2023-36427☆86Updated 9 months ago
- Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects☆77Updated last year
- call gates as stable comunication channel for NT x86 and Linux x86_64☆28Updated last year
- A Linux x86/x86-64 tool to trace registers and memory regions.☆34Updated 2 years ago
- A rust based DLL injection project☆30Updated 2 years ago
- Report and exploit of CVE-2024-21305.☆29Updated 8 months ago
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion☆36Updated last month
- Rust library for lifting raw binary data to LLVM IR☆37Updated last month
- ☆18Updated last year
- Small visualizator for PE files☆66Updated last year
- An x64dbg plugin which helps make sense of long C++ symbols☆58Updated last year
- A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes☆43Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- Playing with LLVM passes☆34Updated last year
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆110Updated 4 months ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆57Updated last month
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆62Updated last month
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆24Updated last year