360trev / PELoadFromRam
Very very useful example of loading and relocating the (Win32) DLL from memory (!) which allows many possibilities and much more flexibility to dynamically link code from many sources including realtime download from the web and also code signing!
☆21 Updated 12 years ago
Alternatives and similar repositories for PELoadFromRam
Users that are interested in PELoadFromRam are comparing it to the libraries listed below
- windows create process with a dll load first time via LdrHook ☆30 Updated 8 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 Updated 8 years ago
- eyuyan image rebuild tools source code ☆13 Updated 8 years ago
- ☆25 Updated 4 years ago
- Scanning and identifying XOR encrypted PE files in PE resources ☆28 Updated 10 years ago
- Packer for PE and ELF, 32 and 64bits. ☆22 Updated 11 years ago
- Anti-AV compilation ☆42 Updated 11 years ago
- ☆14 Updated 8 years ago
- An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc. ☆15 Updated 8 years ago
- A c++, QT gui based memory engine ☆13 Updated 7 years ago
- Minifilter Driver ☆15 Updated 8 years ago
- A tool similar to netcat, but tunneled over DNS ☆18 Updated 8 years ago
- wow64 syscall filter ☆13 Updated 10 years ago
- Final Transparent encrypted version ☆14 Updated 8 years ago
- Helper utility for debugging windows PE/PE+ loader. ☆52 Updated 10 years ago
- Zerokit shared code ☆16 Updated 6 years ago
- Maltrace is a simple syscall tracer for Windows implemented through the use of PIN. ☆23 Updated 12 years ago
- Analysis and Modification Tool for Executables ☆16 Updated 6 years ago
- OpenHIPS prevents exploitation of Windows systems ☆35 Updated 12 years ago
- Complete malware analysis framework ☆12 Updated 9 years ago
- Malware analysis sandbox for Windows 7 with a kernel-mode TCP client ☆19 Updated 9 years ago
- Windows inject ☆16 Updated 6 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu ☆16 Updated 9 years ago
- simple plugin for latest olly versions to display the callstack ☆16 Updated 12 years ago
- CVE-2014-0816 ☆25 Updated 8 years ago
- Lists work items being queued currently. ☆14 Updated 9 years ago
- Various libraries focused on examining/parsing NTFS-specific structures ☆16 Updated 9 years ago
- metasploit loader with antivirus bypass module ☆17 Updated 8 years ago
- Ssdt Hook Detection tool ☆13 Updated 8 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015 ☆34 Updated 9 years ago