PhrozenIO / PsyloDbg

Related projects ⓘ

Alternatives and complementary repositories for PsyloDbg

• PhrozenIO / DLest
  Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.
  ☆179Updated 4 months ago
• diversenok / Suspending-Techniques
  Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
  ☆114Updated 2 years ago
• Unprotect-Project / Unprotect_Submission
  Repository to publish your evasion techniques and contribute to the project
  ☆134Updated 3 weeks ago
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆201Updated 2 years ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆115Updated last year
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆113Updated last year
• buzzer-re / Shinigami
  A dynamic unpacking tool
  ☆128Updated last year
• huntandhackett / concealed_code_execution
  Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
  ☆197Updated 2 years ago
• tbhaxor / WinAPI-RedBlue
  Source code of exploiting windows API for red teaming series
  ☆147Updated 2 years ago
• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆121Updated 2 years ago
• Idov31 / Jormungandr
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆220Updated last year
• LordNoteworthy / windows-exploitation
  My notes while studying Windows exploitation
  ☆184Updated last year
• enkomio / thematrix
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆137Updated 2 years ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆109Updated 3 months ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆78Updated last year
• struppigel / hedgehog-tools
  ☆104Updated this week
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆92Updated 4 months ago
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆237Updated 6 months ago
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆85Updated last year
• hackerhouse-opensource / SignToolEx
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆268Updated 3 months ago
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆193Updated last year
• realoriginal / bootlicker
  A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.
  ☆396Updated last year
• daem0nc0re / AtomicSyscall
  Tools and PoCs for Windows syscall investigation.
  ☆354Updated 6 months ago
• jonaslyk / exploitkitpub
  ☆94Updated 2 years ago
• MalwareApiLib / MalwareApiLibrary
  collection of apis used in malware development
  ☆221Updated 2 years ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆258Updated 3 weeks ago
• APTortellini / unDefender
  Killing your preferred antimalware by abusing native symbolic links and NT paths.
  ☆351Updated 2 years ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆236Updated 2 years ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆339Updated 6 months ago