JuanJMarques / pymetamorph
metamorphic engine in python
☆34Updated 8 years ago
Related projects ⓘ
Alternatives and complementary repositories for pymetamorph
- Bootkits Revisited☆41Updated 10 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆43Updated 7 years ago
- A C polymorphic and metamorphic engine☆66Updated 5 years ago
- Decrement Windows Kernel for fun and profit☆39Updated 6 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 8 years ago
- Collection Of Anti-Debugging Tricks☆96Updated 8 years ago
- Generic Metamorphic/Substitution Engine☆29Updated 10 years ago
- ☆73Updated 6 years ago
- kernel exploitation helper class☆75Updated 7 years ago
- Helper utility for debugging windows PE/PE+ loader.☆50Updated 9 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆75Updated 9 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- An obfuscation engine which obfuscates Intel x86 32-bit binary code.☆54Updated 6 years ago
- Elevation of privilege detector based on HyperPlatform☆117Updated 7 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆37Updated 11 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- a binary x86win32 code obfuscator using virtual machine☆32Updated 7 years ago
- Old exploits and code for my self-referencing PML4 technique (2014)☆30Updated 9 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆80Updated 13 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆73Updated 13 years ago
- Binary Ninja plugin that syncs WinDbg to Binary Ninja☆47Updated 6 years ago
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆92Updated 3 years ago
- Load a Windows Kernel Driver☆90Updated 7 years ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.☆64Updated 12 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆71Updated 7 years ago
- ☆28Updated 7 years ago
- ☆32Updated 6 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆116Updated 6 years ago
- Random tools and things for creating+injecting complex organisms into a process on both the posix and windows platforms. Includes support…☆39Updated this week