Blueliv / maze-deobfuscation

Related projects ⓘ

Alternatives and complementary repositories for maze-deobfuscation

• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• 0xAlexei / Publications
  My conference presentations and publications
  ☆26Updated 2 years ago
• saweol / vwaad
  IDA script for vmprotect Windows Api address decoder
  ☆51Updated 3 years ago
• marcusbotacin / Anti.Analysis
  Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis
  ☆44Updated 7 years ago
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago
• edeca / rtfraptor
  Extract OLEv1 objects from RTF files by instrumenting Word
  ☆51Updated 5 years ago
• Fare9 / ANBU
  ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.
  ☆88Updated 5 years ago
• hasherezade / flareon2019
  Flare-On solutions
  ☆36Updated 5 years ago
• fdfalcon / TypeIsolationDbg
  A little WinDbg extension to help dump the state of Win32k Type Isolation structures.
  ☆38Updated 6 years ago
• cbayet / PoolSprayer
  Simple library to spray the Windows Kernel Pool
  ☆104Updated 4 years ago
• nihilus / idascope
  ☆26Updated 10 years ago
• Sentinel-One / minhook
  The Minimalistic x86/x64 API Hooking Library for Windows
  ☆32Updated 6 years ago
• alexander-hanel / ida_yara
  A python script that can be used to scan data within in an IDB using Yara.
  ☆22Updated 6 years ago
• evandowning / windbg-trace
  Use WinDBG to trace the Windows API calls of any Portable Executable file
  ☆30Updated 7 years ago
• aaaddress1 / winInject101
  Windows Injection 101: from Zero to ROP (HITCON 2017)
  ☆27Updated 7 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆29Updated 5 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• MortenSchenk / RtlCaptureContext-CFG-Bypass
  Internet Explorer Exploit with CFG bypass for Windows 10
  ☆53Updated 7 years ago
• v-p-b / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆36Updated 6 years ago
• shamrockhoax / mazedecoder
  ☆28Updated 4 years ago
• bnbdr / swisscheese
  Exploits for YARA 3.7.1 & 3.8.1
  ☆30Updated 5 years ago
• MortenSchenk / tagWnd-Hardening-Bypass
  Bypass for the hardening against usage of tagWnd as a kernel read/write primitive
  ☆26Updated 7 years ago
• alexander-hanel / hansel
  Hansel - a simple but flexible search for IDA
  ☆26Updated 5 years ago
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆29Updated 4 years ago
• hugsy / hevd
  Public repository for HEVD exploits
  ☆20Updated 6 years ago
• jackullrich / Windows-API-Fuzzer
  Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.
  ☆94Updated 4 years ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• tenable / mIDA
  ☆33Updated last year
• SouhailHammou / IDARay-Plugin
  IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules.
  ☆18Updated 6 years ago