PELock / CMemPatch

Related projects ⓘ

Alternatives and complementary repositories for CMemPatch

• PELock / starter
  A small utility to run raw code chunks in the executable memory area.
  ☆14Updated 9 years ago
• mq1n / ForceThreadSuspend
  Windows hidden thread suspend POC with code injection
  ☆12Updated 7 years ago
• PELock / Portable-Executable-PE-Format-Poster
  A Portable Executable (PE) Format poster in A1 59,4 x 84,1 cm format, including almost all of the structures from PE/PE32+ format (with c…
  ☆19Updated last year
• Cr4sh / SimpleUnpacker
  Simple tool for unpacking packed/protected malware executables.
  ☆32Updated 13 years ago
• Mattiwatti / TitanHide
  Hiding kernel-driver for x86/x64.
  ☆7Updated last week
• OSRDrivers / deleteex
  Demonstrate the new FileDispositionInfoEx behavior
  ☆15Updated 7 years ago
• pstolarz / asprext
  ASProtect reverse engineering & analysis WinDbg extension
  ☆20Updated 4 years ago
• patois / idaplugins
  Old and probably outdated IDA plugins
  ☆24Updated 7 years ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 10 years ago
• SanseoLab / ejUnpacker
  x64dbg scripts for finding OEP of packers
  ☆14Updated 6 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆19Updated last year
• zodiacon / AccessMask
  ☆18Updated 5 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆18Updated 8 years ago
• tmr232 / ida-plugins
  IDA Pro Plugins
  ☆19Updated 9 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 5 years ago
• edix / MalwareResourceScanner
  Scanning and identifying XOR encrypted PE files in PE resources
  ☆27Updated 10 years ago
• zer0fl4g / OllyCallstack
  simple plugin for lastest olly versions to display the callstack
  ☆15Updated 11 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 7 years ago
• yaseralnajjar / deobfuscation-helper
  A simple tool to help reverse engineers while dealing with obfuscated code.
  ☆20Updated 8 years ago
• wes4m / unHooker
  Kernel (Ring0) - SSDT unhook driver
  ☆13Updated 6 years ago
• killswitch-GUI / IsDebuggerPresent
  Debugger checks in 3 ways
  ☆20Updated 6 years ago
• wirepair / GHAST
  Game Hacking Adventures Scripts & Tools
  ☆21Updated 11 years ago
• Kirbiflint50 / KirbiDSM
  Decompile an x86 exe, and read PE infos.
  ☆19Updated 6 years ago
• codingtest / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆27Updated 6 years ago
• bfosterjr / CFFExtensions
  ☆22Updated 3 years ago
• ThomasThelen / upxUnpacker
  Scripts for x64dbg to find the OEP of exe files packed with UPX
  ☆13Updated 7 years ago
• s18leoare / Hackshield-Driver-Bypass
  Bypass HackShield several specific SSDT hook in Ring0
  ☆22Updated 9 years ago
• mrfearless / PE-Library-x86
  PE Library x86
  ☆20Updated 5 years ago
• guidedhacking / GH_Syscall
  Small class to help perform syscalls.
  ☆21Updated last year