A utility for playing with cryptography, geared towards ransomware analysis.
☆324 Aug 13, 2025 Updated 6 months ago
Alternatives and similar repositories for CryptoTester
Users that are interested in CryptoTester are comparing it to the libraries listed below
- An open-source tool for efficiently parsing x64dbg trace files (.trace32 & .trace64). ☆41 Jan 20, 2026 Updated last month
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays). ☆163 Aug 23, 2024 Updated last year
- A dynamic unpacking tool ☆147 Sep 17, 2023 Updated 2 years ago
- ☆127 Feb 24, 2026 Updated last week
- Encrypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap ☆246 Aug 2, 2023 Updated 2 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component ☆11 Aug 5, 2023 Updated 2 years ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆674 Nov 9, 2023 Updated 2 years ago
- Now You See Me, Now You Don't ☆1,025 Jan 23, 2026 Updated last month
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 May 21, 2023 Updated 2 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen… ☆855 Feb 2, 2024 Updated 2 years ago
- CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive ☆111 Feb 2, 2026 Updated last month
- Small PoC of using a Microsoft signed executable as a lolbin. ☆141 Feb 27, 2023 Updated 3 years ago
- For when DLLMain is the only way ☆424 Oct 29, 2024 Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package ☆35 Mar 28, 2023 Updated 2 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption ☆225 Jul 25, 2023 Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak ☆211 Nov 12, 2025 Updated 3 months ago
- ☆189 Jan 23, 2024 Updated 2 years ago
- ☆292 Jul 20, 2023 Updated 2 years ago
- Threadless Process Injection through entry point hijacking ☆350 Sep 10, 2024 Updated last year
- Think APIMonitor, but for .NET binaries. ☆58 Feb 22, 2023 Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆242 Sep 26, 2023 Updated 2 years ago
- "Giant Hard" (巨硬, a Chinese nickname for Microsoft) ☆17 Oct 4, 2023 Updated 2 years ago
- Helper scripts for Windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode ☆19 Aug 11, 2023 Updated 2 years ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools ☆1,248 Dec 11, 2023 Updated 2 years ago
- x64 binary obfuscator ☆1,960 Jul 14, 2023 Updated 2 years ago
- Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase. ☆784 Jun 23, 2023 Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls… ☆137 Mar 3, 2025 Updated last year
- Terminate AV/EDR Processes using kernel driver ☆352 Jun 12, 2023 Updated 2 years ago
- IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati… ☆1,748 Feb 24, 2026 Updated last week
- kill anti-malware protected processes (BYOVD) ☆968 Jul 21, 2023 Updated 2 years ago
- Research on code virtualization in .NET [WIP] ☆205 Jun 20, 2023 Updated 2 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation ☆12 Apr 21, 2022 Updated 3 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuses KeServiceDescriptorTable (SSDT), persistence a… ☆22 Jul 6, 2024 Updated last year
- HVNC for Cobalt Strike ☆1,298 Dec 7, 2023 Updated 2 years ago
- Nidhogg is an all-in-one simple to use Windows kernel rootkit. ☆2,274 Feb 15, 2026 Updated 2 weeks ago
- RozDll by ROZBUD is a Powerful Reverse Engineering Tool that creates Hijacked DLLs and Standard Patchers. RozDll Is used In Software Veri… ☆73 Sep 14, 2025 Updated 5 months ago
- ECC Public Key Cryptography ☆37 Oct 29, 2023 Updated 2 years ago
- de4dot fixed to handle "anti-de4dot" interface adder ☆33 Jun 6, 2020 Updated 5 years ago
- IDA Python scripts ☆42 Apr 11, 2025 Updated 10 months ago