ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
☆222 · Jul 10, 2022 · Updated 3 years ago
Alternatives and similar repositories for showstopper
Users that are interested in showstopper are comparing it to the libraries listed below
- ☆18 · Oct 12, 2014 · Updated 11 years ago
- Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v… ☆67 · Nov 8, 2023 · Updated 2 years ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers ☆145 · Sep 5, 2020 · Updated 5 years ago
- POC of integrity checks ☆14 · May 31, 2021 · Updated 4 years ago
- InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date… ☆590 · Apr 5, 2022 · Updated 3 years ago
- Anti-Analysis technique, trick the debugger by Hiding events from it. ☆20 · Sep 6, 2021 · Updated 4 years ago
- Reverse engineered source code of the autochk rootkit ☆210 · Nov 1, 2019 · Updated 6 years ago
- BEClient2.dll Dumper ☆22 · Jul 9, 2020 · Updated 5 years ago
- CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers. ☆332 · Mar 26, 2024 · Updated last year
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆241 · Nov 6, 2019 · Updated 6 years ago
- Simple API Hooks detector ☆77 · Aug 22, 2022 · Updated 3 years ago
- Inline syscalls made easy for windows on clang ☆736 · Jun 21, 2024 · Updated last year
- Simple 32/64-bit PEs loader. ☆139 · Dec 19, 2018 · Updated 7 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca… ☆444 · Jul 10, 2024 · Updated last year
- Data Obfuscation for C/C++ Code Based on Residue Number Coding (RNC) ☆25 · May 20, 2021 · Updated 4 years ago
- Sysmon shenanigans ☆66 · Oct 9, 2020 · Updated 5 years ago
- A more stealthy variant of "DLL hollowing" ☆363 · Mar 8, 2024 · Updated 2 years ago
- Obfuscate specific windows apis with different apis ☆1,022 · Feb 21, 2021 · Updated 5 years ago
- ☆69 · Dec 17, 2020 · Updated 5 years ago
- A driver that hooks C: volume using symbolic link callback to track all FS access to the volume ☆109 · Apr 24, 2020 · Updated 5 years ago
- Research on Anti-malware and other related security solutions ☆265 · Jul 25, 2020 · Updated 5 years ago
- UnhookMe is a universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red … ☆350 · Jul 3, 2022 · Updated 3 years ago
- ☆25 · May 21, 2021 · Updated 4 years ago
- Binee: binary emulation environment ☆530 · Feb 25, 2023 · Updated 3 years ago
- AV/EDR evasion via direct system calls. ☆1,999 · Jan 1, 2023 · Updated 3 years ago
- A bunch of Windows anti-debugging tricks for x86 and x64. ☆808 · May 7, 2021 · Updated 4 years ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,576 · Oct 31, 2025 · Updated 4 months ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists ☆66 · Apr 4, 2020 · Updated 5 years ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. ☆6,885 · Mar 1, 2026 · Updated 2 weeks ago
- A Fuzzer for Windows NDIS Drivers OID Handlers ☆96 · Nov 4, 2021 · Updated 4 years ago
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆843 · Mar 11, 2021 · Updated 5 years ago
- ☆225 · Mar 11, 2023 · Updated 3 years ago
- Code Injection, Inject malicious payload via pagetables pml4. ☆243 · Jul 7, 2021 · Updated 4 years ago
- Plugin to label PEB addresses. ☆31 · Feb 28, 2017 · Updated 9 years ago
- For Example. See Miro's Blog ☆30 · Nov 26, 2022 · Updated 3 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique ☆227 · Jun 9, 2020 · Updated 5 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl ☆1,340 · Mar 7, 2026 · Updated last week
- Original C Implementation of the Hell's Gate VX Technique ☆1,170 · Jun 28, 2021 · Updated 4 years ago
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that… ☆3,867 · Jun 21, 2024 · Updated last year