PhrozenIO / DLest
Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.
☆188, updated 7 months ago
Alternatives and similar repositories for DLest:
Users that are interested in DLest are comparing it to the libraries listed below
- User-friendly Microsoft Windows Debugger for Malware Analysts. ☆190, updated 2 years ago
- Advanced static analysis tool ☆86, updated last month
- Patching "signtool.exe" to accept expired certificates for code-signing. ☆275, updated 5 months ago
- Important notes and topics on my journey towards mastering Windows Internals ☆357, updated 8 months ago
- A ProcessMonitor visualization application written in Rust. ☆176, updated last year
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VMs from malware that may be trying to … ☆283, updated last year
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆291, updated 10 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆147, updated last week
- A list of useful tools for Malware Analysis (will be updated regularly) ☆134, updated 4 months ago
- PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate … ☆254, updated 3 months ago
- Cybersecurity research results. Simple C/C++ and Python implementations ☆196, updated this week
- A dynamic unpacking tool ☆130, updated last year
- A C# based tool for analysing malicious OneNote documents ☆109, updated last year
- Bootkit for Windows Sandbox to disable DSE/PatchGuard. ☆269, updated 3 months ago
- Recon 2023 slides and code ☆79, updated last year
- ☆55, updated 3 weeks ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F) ☆116, updated last year
- Python tool to check rootkits in Windows kernel ☆180, updated 2 months ago
- Signtool for expired certificates ☆465, updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆114, updated 6 months ago
- ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detecti… ☆297, updated 9 months ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI. ☆131, updated last year
- Performing Indirect Clean Syscalls ☆506, updated last year
- Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows. ☆116, updated 3 years ago
- Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course. ☆234, updated 2 months ago
- An advanced tool for working with access tokens and Windows security policy. ☆587, updated 5 months ago
- ☆112, updated 11 months ago
- A POC to disable TamperProtection and other Defender / MDE components ☆194, updated 7 months ago
- My notes while studying Windows exploitation ☆184, updated last year
- PE Viewer ☆161, updated 2 months ago