Battelle / REpsych

Related projects: ⓘ

• mrphrazer / msynth
  Code deobfuscation framework to simplify Mixed Boolean-Arithmetic (MBA) expressions
  ☆280Updated 4 months ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆195Updated 2 years ago
• hfiref0x / NtCall64
  Windows NT x64 syscall fuzzer
  ☆584Updated last year
• airbus-seclab / warbirdvm
  An analysis of the Warbird virtual-machine protection for the CI!g_pStore
  ☆217Updated 6 years ago
• VergiliusProject / vergilius-project
  This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum…
  ☆159Updated 3 months ago
• PELock / Simple-Polymorphic-Engine-SPE32
  Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used …
  ☆127Updated last year
• thebabush / dumb-obfuscator
  Tutorial on how to write the dumbest obfuscator I could think of.
  ☆166Updated 4 years ago
• patois / abyss
  abyss - augmentation of Hexrays decompiler output
  ☆324Updated last year
• rwfpl / rewolf-x86-virtualizer
  Simple VM based x86 PE (portable exectuable) protector.
  ☆325Updated 9 years ago
• eset / stadeo
  Control-flow-flattening and string deobfuscator
  ☆145Updated 2 years ago
• x64dbg / x64dbgida
  Official x64dbg plugin for IDA Pro.
  ☆440Updated last year
• revsic / AntiDebugging
  AntiDebugging sample sources written in C++
  ☆333Updated 6 years ago
• namazso / IDAShell
  Shell extension for opening executables in IDA
  ☆182Updated last year
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆267Updated last year
• RicBent / Classy
  IDA Pro plugin to manage classes
  ☆271Updated last week
• JustasMasiulis / ida_bitfields
  IDA Pro plugin to make bitfield accesses easier to grep
  ☆221Updated 5 months ago
• nccgroup / DriverBuddy
  DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
  ☆350Updated 4 years ago
• vxcute / WindowsInternals
  Yet another windows internals repo
  ☆202Updated 3 years ago
• tandasat / SimpleSvmHook
  SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
  ☆345Updated 3 years ago
• can1357 / NtRays
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆506Updated last month
• ajkhoury / UEFI-Bootkit
  A small bootkit which does not rely on x64 assembly.
  ☆429Updated 5 years ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆203Updated 4 years ago
• 1111joe1111 / tuts
  Reverse engineering tutorials
  ☆155Updated 6 years ago
• hugsy / CFB
  Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
  ☆308Updated 5 months ago
• vtil-project / VTIL-BinaryNinja
  ☆90Updated 3 years ago
• Cr4sh / KernelForge
  A library to develop kernel level Windows payloads for post HVCI era
  ☆355Updated 3 years ago
• hasherezade / ida_ifl
  IFL - Interactive Functions List (plugin for IDA Pro)
  ☆422Updated 2 months ago
• guidedhacking / anti-debugging
  Anti-debugging techniques on a (bad looking) Win32 application.
  ☆232Updated 5 months ago
• can1357 / ByePg
  Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
  ☆822Updated 4 years ago
• SheLLVM / SheLLVM
  A collection of LLVM transform and analysis passes to write shellcode in regular C
  ☆368Updated last year