86hh / BEAUTIFULSKYLinks
☆21Updated 6 years ago
Alternatives and similar repositories for BEAUTIFULSKY
Users that are interested in BEAUTIFULSKY are comparing it to the libraries listed below
Sorting:
- ☆49Updated 5 years ago
- ☆17Updated 5 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 8 years ago
- PoC for hiding PE exports☆67Updated 4 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated 2 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆35Updated 4 years ago
- A research project about Windows notify routines.☆38Updated 5 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆36Updated 4 years ago
- Binary Ninja plugin to perform automated analysis of Windows drivers☆18Updated 6 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- ☆28Updated 5 years ago
- An Integrity-Check Monitoring Pintool☆58Updated 4 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Updated 5 years ago
- Sample project for kernel debugging automation with Vagrant☆60Updated 5 years ago
- ☆18Updated 4 years ago
- This is a simple driver with x64 inline assembly☆57Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆22Updated 7 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 10 years ago
- AMD SVM hypervisor rootkit proof of concept☆47Updated 2 years ago
- ☆34Updated 8 years ago
- A set of small utilities, helpers for PIN tracers☆34Updated 3 weeks ago
- ☆24Updated 4 years ago
- This repository contains D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation.☆37Updated 4 years ago
- executing JS from x86 code☆27Updated 6 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Updated last year
- An API Monitor based on Instrumentation☆44Updated 7 years ago
- ☆34Updated 4 years ago
- clone of armadillo patched for windows☆47Updated last year
- A small library helping to parse commandline parameters (for C/C++)☆58Updated 5 months ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆50Updated 4 years ago