☆26 Sep 29, 2022 Updated 3 years ago
Alternatives and similar repositories for COM-Explained
Users that are interested in COM-Explained are comparing it to the libraries listed below
- Some drivers I've written while solving exercises from Practical Reverse Engineering ☆15 Jan 9, 2022 Updated 4 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3 ☆99 Aug 27, 2022 Updated 3 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking ☆53 Aug 28, 2022 Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64 ☆13 Feb 12, 2023 Updated 3 years ago
- ☆60 Jun 26, 2022 Updated 3 years ago
- ☆13 May 31, 2023 Updated 2 years ago
- Code Integrity Violation Spotter ☆17 Jun 11, 2024 Updated last year
- ☆153 Jul 31, 2022 Updated 3 years ago
- Illustrates the concept of return address spoofing, and how it is used. ☆14 May 13, 2020 Updated 5 years ago
- WTSRM ☆216 Aug 7, 2022 Updated 3 years ago
- ☆118 Aug 7, 2022 Updated 3 years ago
- ☆30 Nov 7, 2022 Updated 3 years ago
- An example of Windows NT Native API application and kernel driver ☆22 Feb 10, 2020 Updated 6 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators ☆72 Oct 7, 2022 Updated 3 years ago
- Plugin for x64dbg to disable parallel loading of dependencies ☆19 Sep 3, 2022 Updated 3 years ago
- research revolving the windows filtering platform callout mechanism ☆39 May 26, 2024 Updated last year
- A utility that can be used to launch an executable with a DLL injected ☆19 Nov 20, 2023 Updated 2 years ago
- .lib file for linking against the NT CRT ☆18 Mar 18, 2022 Updated 3 years ago
- ☆98 Dec 9, 2021 Updated 4 years ago
- Miscellaneous Code and Docs ☆83 Jul 12, 2025 Updated 7 months ago
- Add an empty section to a PE file ☆53 Aug 8, 2017 Updated 8 years ago
- Hijack NotifyRoutine for a kernelmode thread ☆41 Jun 4, 2022 Updated 3 years ago
- Load Dll into Kernel space ☆40 Aug 23, 2022 Updated 3 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions ☆133 May 17, 2023 Updated 2 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API ☆26 Apr 24, 2022 Updated 3 years ago
- ☆90 Jun 2, 2024 Updated last year
- Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols) ☆62 Aug 11, 2023 Updated 2 years ago
- Read my blog for more info - ☆31 Apr 27, 2021 Updated 4 years ago
- A poc that abuses Enclave ☆40 Sep 8, 2022 Updated 3 years ago
- Application Verifier Dynamic Fault Injection ☆40 Jan 12, 2026 Updated last month
- A simple way to spoof return addresses using an exception handler ☆43 Aug 3, 2022 Updated 3 years ago
- Experiment to use sections as User/Kernelmode comm vector ☆22 Apr 7, 2023 Updated 2 years ago
- IDA plugin for quickly copying disassembly as encoded hex bytes ☆65 Feb 5, 2022 Updated 4 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆71 May 11, 2022 Updated 3 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols) ☆68 Aug 11, 2023 Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆268 Aug 31, 2022 Updated 3 years ago
- Windows Minidump loader for Ghidra ☆29 Sep 30, 2022 Updated 3 years ago
- A simple COM server which provides a component to run shellcode ☆149 May 12, 2020 Updated 5 years ago
- ☆113 Oct 10, 2022 Updated 3 years ago