Sentinel-One / SKREAM
SentinelOne's KeRnel Exploits Advanced Mitigations
☆52Updated 6 years ago
Alternatives and similar repositories for SKREAM:
Users that are interested in SKREAM are comparing it to the libraries listed below
- ☆33Updated 3 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆75Updated 7 months ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆72Updated 5 years ago
- IDA plugin to explore and browse tags☆53Updated 5 years ago
- A fast execution trace symbolizer for Windows.☆130Updated 9 months ago
- A simple API monitor for Windbg☆62Updated 7 years ago
- Python bindings for the Microsoft Hypervisor Platform APIs.☆80Updated 5 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆39Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆93Updated 3 years ago
- x86 bootloader emulation with Miasm (case of NotPetya)☆40Updated 5 years ago
- Hyper-V Research is trendy now☆177Updated 9 months ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆121Updated 6 years ago
- Elevation of privilege detector based on HyperPlatform☆120Updated 7 years ago
- Flare-On solutions☆36Updated 5 years ago
- Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster☆29Updated 4 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆71Updated 7 years ago
- POC viruses I have created to demo some ideas☆59Updated 4 years ago
- ☆74Updated 4 years ago
- Polymorphic VM and PoliCTF '17 reversing challenge.☆72Updated 5 months ago
- kernel pool windbg extension☆80Updated 9 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 9 years ago
- A windbg extension, extracting token related contents☆41Updated 4 years ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆31Updated 8 months ago
- ☆107Updated 4 years ago
- ☆50Updated 7 years ago
- A branch-monitor-based solution for process monitoring.☆131Updated 5 years ago