KasperskyLab / VBscriptInternalsLinks
Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis
☆85Updated 3 years ago
Alternatives and similar repositories for VBscriptInternals
Users that are interested in VBscriptInternals are comparing it to the libraries listed below
Sorting:
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆92Updated 6 years ago
- POC viruses I have created to demo some ideas☆59Updated 5 years ago
- Extract OLEv1 objects from RTF files by instrumenting Word☆51Updated 5 years ago
- ☆115Updated 9 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆184Updated 5 years ago
- Simple library to spray the Windows Kernel Pool☆110Updated 5 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆124Updated 5 years ago
- Supporting Files on my analysis of the malware designated hdroot.☆59Updated 8 years ago
- Some example source code for fixed IE11 sandbox escapes.☆141Updated 11 years ago
- ☆28Updated 11 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆183Updated 6 years ago
- ☆99Updated last year
- ☆91Updated 6 years ago
- kernel exploitation helper class☆77Updated 8 years ago
- Flare-On solutions☆37Updated 6 years ago
- Parsers for custom malware formats ("Funky malware formats")☆97Updated 3 years ago
- Collection of VC++ example applications to demonstrate Win10 userland heap behavior (BEA & FEA)☆85Updated 9 years ago
- Generic scripts for public consumption☆85Updated 6 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆95Updated 3 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS).☆79Updated 7 years ago
- ☆35Updated 10 years ago
- ☆91Updated 8 years ago
- Grep-like WinDbg extension☆44Updated 8 years ago
- Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.☆51Updated 6 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Updated 7 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆52Updated 7 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆76Updated 6 years ago
- A windbg extension, extracting token related contents☆41Updated 4 years ago
- HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass☆66Updated 7 years ago
- Simple NTFS crawler.☆56Updated 8 years ago