☆26 · Sep 29, 2022 · Updated 3 years ago
Alternatives and similar repositories for COM-Explained
Users that are interested in COM-Explained are comparing it to the libraries listed below
- Some drivers I've written while solving exercises from Practical Reverse Engineering ☆15 · Jan 9, 2022 · Updated 4 years ago
- WTSRM ☆216 · Aug 7, 2022 · Updated 3 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking ☆53 · Aug 28, 2022 · Updated 3 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3 ☆98 · Aug 27, 2022 · Updated 3 years ago
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- Walks through the 4-level paging structures in Windows x64 ☆13 · Feb 12, 2023 · Updated 3 years ago
- .lib file for linking against the NT CRT ☆19 · Mar 18, 2022 · Updated 4 years ago
- ☆155 · Jul 31, 2022 · Updated 3 years ago
- ☆61 · Jun 26, 2022 · Updated 3 years ago
- ☆13 · May 31, 2023 · Updated 2 years ago
- Files for http://deniable.org/windows/windows-callbacks ☆26 · Jul 9, 2020 · Updated 5 years ago
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj ☆15 · May 27, 2018 · Updated 7 years ago
- ☆118 · Aug 7, 2022 · Updated 3 years ago
- A simple COM server which provides a component to run shellcode ☆148 · May 12, 2020 · Updated 5 years ago
- ☆98 · Dec 9, 2021 · Updated 4 years ago
- research revolving the windows filtering platform callout mechanism ☆39 · May 26, 2024 · Updated last year
- Blog posts ☆29 · Aug 7, 2020 · Updated 5 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆71 · May 11, 2022 · Updated 3 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators ☆72 · Oct 7, 2022 · Updated 3 years ago
- Plugin for x64dbg to disable parallel loading of dependencies ☆19 · Sep 3, 2022 · Updated 3 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… ☆25 · Mar 26, 2020 · Updated 5 years ago
- Illustrates the concept of return address spoofing, and how it is used. ☆14 · May 13, 2020 · Updated 5 years ago
- Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols) ☆62 · Aug 11, 2023 · Updated 2 years ago
- A utility that can be used to launch an executable with a DLL injected ☆19 · Nov 20, 2023 · Updated 2 years ago
- ☆90 · Jun 2, 2024 · Updated last year
- Self-Loading Registration Free COM Functions ☆11 · Nov 12, 2019 · Updated 6 years ago
- ☆30 · Nov 7, 2022 · Updated 3 years ago
- Add an empty section to a PE file ☆53 · Aug 8, 2017 · Updated 8 years ago
- ☆30 · Oct 13, 2020 · Updated 5 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations) ☆28 · Feb 15, 2022 · Updated 4 years ago
- An example of Windows NT Native API application and kernel driver ☆22 · Feb 10, 2020 · Updated 6 years ago
- Demonstrate the new FileDispositionInfoEx behavior ☆15 · Nov 6, 2017 · Updated 8 years ago
- Experiment to use sections as User/Kernelmode comm vector ☆22 · Apr 7, 2023 · Updated 2 years ago
- Hijack NotifyRoutine for a kernelmode thread ☆41 · Jun 4, 2022 · Updated 3 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API ☆26 · Apr 24, 2022 · Updated 3 years ago
- Load Dll into Kernel space ☆40 · Aug 23, 2022 · Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols) ☆68 · Aug 11, 2023 · Updated 2 years ago
- ☆29 · Aug 24, 2025 · Updated 6 months ago
- Fuzzy search tool for IDA Pro (Update) ☆12 · Mar 18, 2024 · Updated 2 years ago