SentineLabs / Memloader
Memory Loader Open Source Project by Sentinel-Labs.
☆24Updated 4 years ago
Alternatives and similar repositories for Memloader:
Users that are interested in Memloader are comparing it to the libraries listed below
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated 10 months ago
- ☆28Updated 4 years ago
- ☆22Updated 4 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- UnpacMe IDA Byte Search☆28Updated last year
- ☆31Updated 3 years ago
- Yet another rule generator for Yara☆28Updated 4 years ago
- IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules.☆18Updated 6 years ago
- IDAPython scripts☆15Updated 7 years ago
- Analyses in IDA/Hex-Rays☆81Updated 2 years ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆70Updated last year
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆60Updated 8 months ago
- ☆71Updated last year
- ☆26Updated 3 years ago
- SPI flash read MitM attack PoC☆37Updated 2 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆40Updated 5 years ago
- Plugin for x64dbg to generate Yara rules from function basic blocks.☆36Updated 7 years ago
- Windows API Hashes used in the malwares☆40Updated 9 years ago
- Parse .NET executable files.☆76Updated 2 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆56Updated 3 years ago
- clone of armadillo patched for windows☆47Updated 6 months ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 3 years ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆34Updated 3 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆53Updated 2 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago