K2 / EhTrace

Related projects ⓘ

Alternatives and complementary repositories for EhTrace

• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆268Updated 6 years ago
• mandiant / flare-dbg
  flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.
  ☆148Updated 7 years ago
• BreakingMalware / Selfie
  A Tool to Unpack Self-Modifying Code using DynamoRIO
  ☆141Updated 7 years ago
• Rootkitsmm-zz / Win32k-Fuzzer
  Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )
  ☆131Updated 8 years ago
• 0xPhoeniX / MazeWalker
  Toolkit for enriching and speeding up static malware analysis
  ☆165Updated 2 years ago
• sam-b / windbg-plugins
  Any useful windbg plugins I've written.
  ☆113Updated 6 years ago
• AmrThabet / winSRDF
  Security Research and Development Framework
  ☆105Updated 9 years ago
• cseagle / fREedom
  capstone based disassembler for extracting to binnavi
  ☆226Updated 8 years ago
• DavidKorczynski / RePEconstruct
  ☆91Updated 8 years ago
• IOActive / I-know-where-your-page-lives
  I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016
  ☆159Updated 7 years ago
• sogeti-esec-lab / LKD
  Local Kernel Debugger (LKD) is a python wrapper around dbgengine.dll
  ☆92Updated 8 years ago
• mokhdzanifaeq / pyflirt
  map file generator for intel x86 binary based on flirt signature
  ☆83Updated 8 years ago
• AirbusCyber / grap
  grap: define and match graph patterns within binaries
  ☆169Updated 3 years ago
• edix / LoadDll
  Better version of RunDll with GUI. This program allows you to load DLLs on Windows. You can select how to load the DLL. By direct Entry P…
  ☆233Updated 9 years ago
• quangnh89 / OllyCapstone
  This is a plugin for OllyDbg 1.10 to replace the old disasm engine by Capstone disassembly/disassembler framework.
  ☆80Updated 9 years ago
• mandiant / flare-qdb
  Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.
  ☆161Updated last year
• pinkflawd / r2graphity
  Creating function call graphs based on radare2 framwork, plot fancy graphs and extract behavior indicators
  ☆85Updated 7 years ago
• gdelugre / shell-factory
  C++-based shellcode builder
  ☆112Updated 3 years ago
• lifting-bits / codereason
  Semantic Binary Code Analysis Framework
  ☆124Updated 9 years ago
• carlosgprado / JARVIS
  "Just Another ReVersIng Suite" or whatever other bullshit you can think of
  ☆149Updated last year
• kokjo / universalrop
  Small tool for generating ropchains using unicorn and z3
  ☆197Updated 6 years ago
• jeffball55 / rop_compiler
  An open source, multi-architecture ROP compiler written in python
  ☆160Updated 7 years ago
• Cisco-Talos / ROPMEMU
  ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.
  ☆284Updated 8 years ago
• danigargu / IDAtropy
  IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot…
  ☆135Updated 3 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆288Updated 3 months ago
• ricardojrdez / anti-analysis-tricks
  Bunch of techniques potentially used by malware to detect analysis environments
  ☆156Updated 8 years ago
• ivildeed / vmw_vmx_overloader
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆136Updated 7 years ago