DProvinciani / pt-detector
Code-Reuse Exploits detection using Intel Processor Trace
☆27Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for pt-detector
- AllMemPro☆43Updated 6 years ago
- [SmartCom2017] An Effective Malware Detection based on Behaviour and Data Feature☆19Updated 6 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆34Updated 4 months ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆66Updated 4 years ago
- Decode machine code into VEX IR and translate into LLVM IR☆25Updated 5 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 12 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Updated 6 years ago
- ☆27Updated 6 years ago
- 大表哥的Syscall-Monitor☆34Updated 5 years ago
- Материалы к статье "Препарируем Hyper V"☆13Updated 10 years ago
- Kernel-mode file scanner☆17Updated 6 years ago
- VMCS Auditor provides almost all of Intel's VMCS Layout checklist based on Bochs Emulator.☆31Updated 5 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆54Updated 4 years ago
- enable libemu run pe file and add some good modify☆14Updated 5 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆23Updated 2 years ago
- Analyze PatchGuard☆53Updated 6 years ago
- User-mode program parsing logs created by HyperPlatform☆17Updated 8 years ago
- windbg plugin for win32k debugging☆72Updated 5 years ago
- vm -- code interpreter☆26Updated 5 years ago
- a binary x86win32 code obfuscator using virtual machine☆32Updated 7 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆50Updated 6 years ago
- PoC for CVE-2017-0075☆36Updated 5 years ago
- ☆11Updated 4 years ago
- ☆44Updated 4 years ago
- ☆24Updated 8 years ago