DissectMalware / yaradbg-backend
☆25 Updated last year
Alternatives and similar repositories for yaradbg-backend:
Users that are interested in yaradbg-backend are comparing it to the libraries listed below
- ☆39 Updated last year
- Progress of learning kernel development ☆14 Updated 2 years ago
- ☆18 Updated 3 months ago
- the Open Source and Pure C++ Packer for eXecutables ☆19 Updated 2 years ago
- Identifies metadata of .NET binary files. ☆21 Updated last year
- A utility that can be used to launch an executable with a DLL injected ☆18 Updated last year
- example using NtCreateUserProcess in rust ☆19 Updated 2 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance. ☆21 Updated 9 months ago
- ☆18 Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post ☆23 Updated 2 years ago
- A mechanism that trampoline hooks functions in x86/x64 systems. ☆22 Updated 6 months ago
- ☆24 Updated 2 years ago
- Parent Process ID Spoofing, coded in CGo. ☆22 Updated 9 months ago
- Remap ntdll.dll using only NTAPI functions with a suspended process ☆20 Updated this week
- PoC for detecting and evading ETW detection of .Net Assembly.Load ☆20 Updated 4 years ago
- Golang bindings for PE-sieve ☆43 Updated last year
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE ☆65 Updated last year
- ☆27 Updated 4 months ago
- IDA Python scripts ☆34 Updated this week
- run process as PPL Antimalware ☆10 Updated last year
- Extension functionality for the NightHawk operator client ☆27 Updated last year
- ☆30 Updated 4 months ago
- Implementation of ITaskHandler in C++ ☆13 Updated 2 years ago
- call gates as stable communication channel for NT x86 and Linux x86_64 ☆31 Updated last year
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆20 Updated 2 years ago
- A collection of my presentation materials. ☆17 Updated 11 months ago
- An injector that uses the PT_LOAD technique ☆12 Updated 2 years ago
- ☆12 Updated last year
- ☆17 Updated last month
- This x64dbg plugin allows you to upload your sample to Malcore and view the results. ☆33 Updated last year