PhrozenIO / PsyloDbg
User-friendly Microsoft Windows Debugger for Malware Analysts.
☆198 · Updated 2 years ago
Alternatives and similar repositories for PsyloDbg:
Users that are interested in PsyloDbg are comparing it to the libraries listed below:
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆218 · Updated 10 months ago
- Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows. ☆123 · Updated 3 years ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F) ☆121 · Updated last year
- Advanced driver monitoring utility. ☆207 · Updated 2 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows ☆207 · Updated 2 years ago
- A dynamic unpacking tool ☆134 · Updated last year
- Recon 2023 slides and code ☆79 · Updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆158 · Updated 2 weeks ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆114 · Updated 2 years ago
- Tools and PoCs for Windows syscall investigation. ☆359 · Updated 3 months ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposes. ☆178 · Updated 3 years ago
- Some random system tools for Windows ☆111 · Updated 3 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆116 · Updated 9 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard. ☆276 · Updated 6 months ago
- Source code of exploiting Windows API for red teaming series ☆148 · Updated 2 years ago
- A tutorial on how to write a packer for Windows! ☆269 · Updated last year
- Set of anti-analysis techniques found in malware ☆132 · Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆244 · Updated 2 years ago
- ☆113 · Updated 2 months ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret … ☆246 · Updated last year
- QLoader is a PE loader creator that helps you quickly create a non-exe loader for application ☆103 · Updated 6 months ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System. ☆152 · Updated 2 years ago
- ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detecti… ☆301 · Updated last year
- Various Process Injection Techniques ☆148 · Updated 2 years ago
- A ProcessMonitor visualization application written in Rust. ☆178 · Updated last year
- Yet another variant of Process Hollowing ☆389 · Updated 2 months ago
- WTSRM ☆210 · Updated 2 years ago
- An automatic unpacker and logger for DotNet Framework targeting files ☆252 · Updated last year
- NINA: No Injection, No Allocation x64 Process Injection Technique ☆202 · Updated 4 years ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t… ☆455 · Updated 3 years ago