DProvinciani / pt-detectorLinks
Code-Reuse Exploits detection using Intel Processor Trace
☆28Updated 7 years ago
Alternatives and similar repositories for pt-detector
Users that are interested in pt-detector are comparing it to the libraries listed below
Sorting:
- AllMemPro☆45Updated 7 years ago
- 大表哥的Syscall-Monitor☆34Updated 6 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆68Updated 5 years ago
- Tools made for my Hyper-V blog series @ https://foxhex0ne.blogspot.com/☆57Updated 5 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆36Updated last year
- VMCS Auditor provides almost all of Intel's VMCS Layout checklist based on Bochs Emulator.☆32Updated 6 years ago
- it can extract functions from .dll, .exe, .sys and it be work! :)☆38Updated 6 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆36Updated 3 years ago
- vm -- code interpreter☆25Updated 6 years ago
- POC of sysenter x64 LSTAR MSR hook☆40Updated 11 years ago
- Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementation☆52Updated 8 years ago
- Windows sandbox PoC☆32Updated 5 years ago
- windbg plugin for win32k debugging☆75Updated 5 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆52Updated 6 years ago
- enable libemu run pe file and add some good modify☆14Updated 6 years ago
- This is a simple driver with x64 inline assembly☆57Updated 5 years ago
- Analyze PatchGuard☆59Updated 7 years ago
- VMX intrinsics plugin for Hex-Rays decompiler☆71Updated 5 years ago
- [SmartCom2017] An Effective Malware Detection based on Behaviour and Data Feature☆19Updated 6 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- ☆20Updated 8 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- createfile☆48Updated 9 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆31Updated 8 years ago
- IDA plugin to explore and browse tags☆56Updated 6 years ago
- ☆27Updated 6 years ago
- clone of armadillo patched for windows☆47Updated 10 months ago
- Open Course for diving security internal☆51Updated 5 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆32Updated 8 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆75Updated last year