DProvinciani / pt-detector

Related projects: ⓘ

• IgorKorkin / AllMemPro
  AllMemPro
  ☆43Updated 6 years ago
• wcventure / PC-Malware-Sklearner
  [SmartCom2017] An Effective Malware Detection based on Behaviour and Data Feature
  ☆19Updated 6 years ago
• Iamgublin / libemu_pe
  enable libemu run pe file and add some good modify
  ☆13Updated 5 years ago
• ajkhoury / Windbg2Struct
  Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure
  ☆33Updated 2 months ago
• fdiskyou / WinAllocTracer
  ☆34Updated this week
• kernweak / Syscall-Monitor
  大表哥的Syscall-Monitor
  ☆33Updated 5 years ago
• mq1n / VDM
  ☆16Updated this week
• yardenshafir / KernelDataStructureFinder
  Driver and WinDBG scripts to dump information about all resources and lookaside lists
  ☆63Updated 4 years ago
• SinaKarvandi / VMCS-Auditor
  VMCS Auditor provides almost all of Intel's VMCS Layout checklist based on Bochs Emulator.
  ☆32Updated 5 years ago
• cow0o0 / VM
  vm -- code interpreter
  ☆26Updated 5 years ago
• rmadair / windbg2ida
  Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.
  ☆25Updated 11 years ago
• dcdelia / sniper
  Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)
  ☆23Updated 2 years ago
• fdfalcon / TypeIsolationDbg
  A little WinDbg extension to help dump the state of Win32k Type Isolation structures.
  ☆38Updated 6 years ago
• 4B5F5F4B / HyperV
  PoC for CVE-2017-0075
  ☆36Updated 5 years ago
• 1ce0ear / DllLoaderUnpacker
  ☆30Updated this week
• heyitsanthony / vexllvm
  Decode machine code into VEX IR and translate into LLVM IR
  ☆25Updated 5 years ago
• BlackLuny / WinIPTCollector
  Intel Processor Trace package collector for Windows
  ☆15Updated 4 years ago
• JKornev / cfgdump
  Windbg extension that allows you analyze Control Flow Guard map
  ☆34Updated 2 years ago
• dro / win10-ida-types
  Windows 10 kernel and ntdll internal types, directly compatible with ida.
  ☆50Updated 5 years ago
• JaanusKaapPublic / BlogHyperV
  Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/
  ☆53Updated 4 years ago
• yuvatia / Win10GdiExploitation
  Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.
  ☆24Updated 6 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆52Updated 4 years ago
• usualsuspect / ida_stuff
  ☆27Updated 6 years ago
• nlog2n / x86obfuscator
  a binary x86win32 code obfuscator using virtual machine
  ☆32Updated 7 years ago
• NtRaiseHardError / Providence
  Kernel-mode file scanner
  ☆17Updated 6 years ago
• intelpt / winafl-intelpt
  A fork of AFL for fuzzing Windows binaries
  ☆53Updated 5 years ago
• capstone-engine / __capstone0
  ☆39Updated this week
• Tekiter / WatchDBG-IDA
  IDA 7.0 meets watch view!
  ☆41Updated 3 years ago
• Nerlant / SyscallDumper
  ☆19Updated 5 years ago