Sentinel-One / SKREAM
SentinelOne's KeRnel Exploits Advanced Mitigations
☆50 · updated 5 years ago
Related projects:
- Windbg2ida lets you dump each step in WinDbg, then shows these steps in IDA. ☆70 · updated 2 months ago
- Python bindings for the Microsoft Hypervisor Platform APIs. ☆66 · updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats"). ☆92 · updated 2 years ago
- A fast execution trace symbolizer for Windows. ☆130 · updated 4 months ago
- Flare-On solutions. ☆36 · updated 4 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax; ☆72 · updated 5 years ago
- POC viruses I have created to demo some ideas. ☆58 · updated 4 years ago
- Shellcode emulator written with the Unicorn framework, with a process-dump emulation environment. ☆117 · updated 4 years ago
- PoC for ELF64 runtime infection via the GOT poisoning technique by elfmaster. ☆29 · updated 4 years ago
- IDA plugin to explore and browse tags. ☆51 · updated 5 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at Hack.lu 2019. ☆38 · updated 4 years ago
- libemu shim layer and win32 environment for Unicorn Engine. ☆71 · updated 7 years ago
- x86 bootloader emulation with Miasm (case of NotPetya). ☆40 · updated 5 years ago
- Hyper-V Research is trendy now. ☆169 · updated 4 months ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis. ☆43 · updated 7 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt. ☆125 · updated last year
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t… ☆52 · updated 5 years ago
- Enumerate user mode shared memory mappings on Windows. ☆112 · updated 3 years ago
- pyGoRE - Python library for analyzing Go binaries. ☆63 · updated 2 years ago
- Binary Ninja plugin that syncs WinDbg to Binary Ninja. ☆47 · updated 6 years ago
- Exploits pack for the Windows kernel-mode driver HackSysExtremeVulnerableDriver, written for educational purposes. ☆62 · updated 2 years ago
- Kernel pool WinDbg extension. ☆79 · updated 9 years ago
- Elevation of privilege detector based on HyperPlatform. ☆118 · updated 7 years ago
- Import DynamoRIO drcov code coverage data into Ghidra. ☆41 · updated 8 months ago
- Analyses in IDA/Hex-Rays. ☆78 · updated last year
- Adding exceptions to Microsoft's Control Flow Guard (CFG). ☆58 · updated 8 years ago