Sentinel-One / SKREAMLinks
SentinelOne's KeRnel Exploits Advanced Mitigations
☆54Updated 6 years ago
Alternatives and similar repositories for SKREAM
Users that are interested in SKREAM are comparing it to the libraries listed below
Sorting:
- A fast execution trace symbolizer for Windows.☆129Updated last year
- Parsers for custom malware formats ("Funky malware formats")☆97Updated 3 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆73Updated last year
- ☆67Updated 6 years ago
- Python bindings for the Microsoft Hypervisor Platform APIs.☆79Updated 6 years ago
- POC viruses I have created to demo some ideas☆59Updated 5 years ago
- x86 bootloader emulation with Miasm (case of NotPetya)☆42Updated 6 years ago
- Static unpacker for FinSpy VM☆103Updated 4 years ago
- Hypervisor-based debugger☆188Updated 4 years ago
- The history of Windows Internals via symbols.☆180Updated 3 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆159Updated 6 years ago
- This is a place to share my miscellaneous projects.☆114Updated 5 years ago
- ☆34Updated 4 years ago
- Polymorphic VM and PoliCTF '17 reversing challenge.☆73Updated last year
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆76Updated 6 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Updated 7 years ago
- Import DynamoRIO drcov code coverage data into Ghidra☆44Updated last year
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆124Updated 5 years ago
- ☆74Updated 5 years ago
- Elevation of privilege detector based on HyperPlatform☆123Updated 8 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 8 years ago
- A simple API monitor for Windbg☆64Updated 8 years ago
- Simple library to spray the Windows Kernel Pool☆110Updated 5 years ago
- kernel pool windbg extension☆84Updated 10 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- Enumerate user mode shared memory mappings on Windows.☆125Updated 4 years ago
- Windows API listing in JSON format - generated from SDK headers + SDK API documentation☆66Updated 5 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆124Updated 6 years ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 5 years ago