PhrozenIO / PsyloDbg
User-friendly Microsoft Windows Debugger for Malware Analysts.
☆198 Updated 2 years ago
Alternatives and similar repositories for PsyloDbg
Users who are interested in PsyloDbg are comparing it to the libraries listed below.
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆222 Updated 11 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆165 Updated 2 months ago
- Advanced driver monitoring utility. ☆211 Updated 2 years ago
- Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows. ☆124 Updated 3 years ago
- Some random system tools for Windows ☆114 Updated 3 years ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F) ☆124 Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆114 Updated 2 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) … ☆108 Updated 4 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows ☆215 Updated 2 years ago
- Advanced static analysis tool ☆89 Updated 3 months ago
- An automatic unpacker and logger for DotNet Framework targeting files ☆252 Updated last year
- Recon 2023 slides and code ☆79 Updated last year
- ☆114 Updated last month
- A dynamic unpacking tool ☆136 Updated last year
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System. ☆152 Updated 2 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆116 Updated 10 months ago
- Sysmon-Like research tool for ETW ☆353 Updated 2 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard. ☆280 Updated 7 months ago
- Tools and PoCs for Windows syscall investigation. ☆361 Updated 5 months ago
- Patching "signtool.exe" to accept expired certificates for code-signing. ☆282 Updated 10 months ago
- Various Process Injection Techniques ☆148 Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard ☆245 Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆342 Updated 3 months ago
- MalUnpack companion driver ☆98 Updated 11 months ago
- A PE (Portable Executable) packer with Huffman Compression and Xor encryption. ☆60 Updated 3 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle… ☆296 Updated last year
- Enumerate various traits from Windows processes as an aid to threat hunting ☆188 Updated 3 years ago
- Easy XOR string encryption for NET based binaries ☆138 Updated last year
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider ☆175 Updated 2 years ago
- ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detecti… ☆304 Updated last year