MaxXSoft / sigma-vm

Related projects: ⓘ

• SoftwareSecurityLab / UbSym
  A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes
  ☆43Updated last year
• therealdreg / symseghelper
  Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode
  ☆18Updated last year
• gognl / VMBR
  A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data
  ☆26Updated 4 months ago
• libiht / libiht
  Intel Hardware Trace Library
  ☆62Updated last week
• tum-i4 / dta-vs-osc
  Dynamic Taint Analysis versus Obfuscated Self-Checking
  ☆16Updated 3 years ago
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆33Updated 9 months ago
• ek0 / hxemu
  Triton based symbolic emulator
  ☆16Updated last year
• kanren3 / efiutil
  Based on nt5src
  ☆15Updated last year
• agra-uni-bremen / BinSym
  Symbolic execution for RISC-V machine code based on the formal LibRISCV ISA model
  ☆32Updated 2 months ago
• ioncodes / dlsym_hook
  Instrumenting a binary without source code to bypass anti-debug checks
  ☆33Updated 2 years ago
• BFrizzleFoShizzle / VirtualTaggerPlugin
  Virtual Tagger Plugin is a Cutter plugin that significantly improves handling and analysis of vtables and virtual functions
  ☆13Updated last year
• Zero-Tang / SimpleWhpDemo
  Simple Demo of using Windows Hypervisor Platform
  ☆26Updated 5 months ago
• KelvinMsft / TechMyths
  ☆13Updated last year
• r3bb1t / bin_lift
  Rust library for lifting raw binary data to LLVM IR
  ☆37Updated last month
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆27Updated 2 years ago
• milankovo / hexinlay
  Inlay hints for hex-rays
  ☆18Updated this week
• jxy-s / vfdynf
  Application Verifier Dynamic Fault Injection
  ☆34Updated last week
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• archercreat / llvm_stuff
  LLVM based devirtualization PoC’s.
  ☆20Updated 2 years ago
• samrussell / obfus
  Playing with LLVM passes
  ☆34Updated last year
• long123king / dk
  dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.
  ☆22Updated last year
• eset / wslink-vm-analyzer
  WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware
  ☆45Updated 2 years ago
• Colton1skees / WinTTD
  Reverse engineered API for Microsoft's Time Travel Debugger
  ☆30Updated 5 months ago
• tmr232 / function-graph-overview
  Control-Flow Graph (CFG) Visualizer for VSCode
  ☆27Updated this week
• alfarom256 / MinifilterResearch
  ☆15Updated last year
• 0vercl0k / kdmp-parser-rs
  A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
  ☆33Updated last month
• hugsy / bochscpu-python
  Python bindings for BochsCPU
  ☆33Updated last month
• b-irb / sauron
  Simple Intel VT-x type-2 hypervisor for 64-bit Linux.
  ☆15Updated 4 years ago
• softsec-unh / MBA-Solver
  ☆37Updated 3 years ago
• fengjixuchui / CodaPinTracer
  Lightweight WINAPI tracing with Pin
  ☆26Updated 5 years ago