SentineLabs / Memloader
Memory Loader Open Source Project by Sentinel-Labs.
☆24Updated 4 years ago
Alternatives and similar repositories for Memloader
Users that are interested in Memloader are comparing it to the libraries listed below
Sorting:
- ☆28Updated 5 years ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated 10 months ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- ☆31Updated 3 years ago
- UnpacMe IDA Byte Search☆28Updated last year
- SPI flash read MitM attack PoC☆37Updated 2 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆71Updated last year
- Scripts to aid analysis of files obfuscated with ScatterBee.☆20Updated 2 years ago
- ☆22Updated 4 years ago
- Yet another rule generator for Yara☆28Updated 4 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆60Updated 8 months ago
- ☆71Updated last year
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆57Updated 3 years ago
- Parse .NET executable files.☆76Updated 3 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆41Updated 5 years ago
- ☆17Updated 3 years ago
- IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules.☆18Updated 6 years ago
- Analyses in IDA/Hex-Rays☆81Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 2 years ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆34Updated 3 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- C# implementation to produce ROR-13 numeric hash for given function API name☆31Updated 5 years ago
- ☆13Updated 2 years ago
- Plugin for x64dbg to generate Yara rules from function basic blocks.☆36Updated 7 years ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 3 years ago