Ge0 / PeTools
PortableExecutable lib + set of tools...
☆17Updated 12 years ago
Related projects: ⓘ
- Simple tool for unpacking packed/protected malware executables.☆32Updated 12 years ago
- ASProtect reverse engineering & analysis WinDbg extension☆20Updated 3 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆21Updated 7 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine.☆29Updated 8 years ago
- Helper utility for debugging windows PE/PE+ loader.☆49Updated 9 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- Kernel Shellcode to add all privileges in token☆13Updated 7 years ago
- My commands and scripts extending WinDbg☆28Updated 2 weeks ago
- Reverse engineered vmware workstation code to aid in kernel debugging.☆14Updated 8 years ago
- unicorn emulator for x64dbg☆30Updated 6 years ago
- Anti-Anti-Debugger Plugins☆18Updated 11 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 11 years ago
- Analysis and Modification Tool for Executables☆16Updated 5 years ago
- Screen recorder for x64dbg, for recording screen while debugging.☆11Updated 8 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Updated 5 years ago
- Static library and headers for linking your software with ntdll.dll☆30Updated 4 years ago
- xLCB plugin for x64dbg☆19Updated 7 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 7 years ago
- Malware monitor template based on MinHook☆16Updated 9 years ago
- Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications☆36Updated 11 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆16Updated 8 years ago
- Plugin to label PEB addresses.☆28Updated 7 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 7 years ago
- ☆11Updated this week
- ☆11Updated this week
- Kernel-mode file scanner☆17Updated 6 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆18Updated 8 years ago
- Scanning and identifying XOR encrypted PE files in PE resources☆27Updated 10 years ago