EliseZeroTwo / SEH-Helper
Binary Ninja plugin for exploring Structured Exception Handlers
☆81 Updated last year
Alternatives and similar repositories for SEH-Helper
Users that are interested in SEH-Helper are comparing it to the libraries listed below
- ☆145 Updated 2 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater). ☆89 Updated 3 years ago
- MalUnpack companion driver ☆98 Updated last year
- ☆43 Updated 3 years ago
- PoC for hiding PE exports ☆67 Updated 4 years ago
- Resolve DOS MZ executable symbols at runtime ☆95 Updated 3 years ago
- A collection of tools, source code, and papers researching Windows' implementation of CET. ☆84 Updated 4 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis. ☆139 Updated 2 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve ☆60 Updated 10 months ago
- ☆31 Updated 3 years ago
- A code parser for C-style header files that lets you parse function prototypes and the data types used in their parameters. ☆94 Updated 3 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆73 Updated last year
- Local OXID Resolver (LCLOR) : Research and Tooling ☆35 Updated 4 years ago
- Writeups for CTF challenges ☆31 Updated last year
- clone of armadillo patched for windows ☆47 Updated 8 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆116 Updated 2 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs ☆106 Updated 5 years ago
- IDA Pro plugin for recognizing known hashes of API function names ☆81 Updated 3 years ago
- Nim-IDA-FLIRT-Generator ☆15 Updated last year
- Abusing exceptions for code execution. ☆111 Updated 2 years ago
- Report and exploit of CVE-2023-36427 ☆90 Updated last year
- arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system ☆57 Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) ☆72 Updated last year
- IDA plugin for quickly copying disassembly as encoded hex bytes ☆62 Updated 3 years ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR. ☆72 Updated 5 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI ☆55 Updated 2 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 Updated 4 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2 ☆23 Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols) ☆66 Updated last year
- short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-) ☆23 Updated last year