Sentinel-One / SKREAMLinks
SentinelOne's KeRnel Exploits Advanced Mitigations
☆54Updated 6 years ago
Alternatives and similar repositories for SKREAM
Users that are interested in SKREAM are comparing it to the libraries listed below
Sorting:
- A fast execution trace symbolizer for Windows.☆131Updated last year
- Python bindings for the Microsoft Hypervisor Platform APIs.☆79Updated 6 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆75Updated last year
- This is a place to share my miscellaneous projects.☆114Updated 5 years ago
- POC viruses I have created to demo some ideas☆59Updated 5 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆74Updated 6 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Static unpacker for FinSpy VM☆102Updated 4 years ago
- ☆66Updated 6 years ago
- The history of Windows Internals via symbols.☆180Updated 3 years ago
- Polymorphic VM and PoliCTF '17 reversing challenge.☆73Updated 11 months ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆92Updated 6 years ago
- Elevation of privilege detector based on HyperPlatform☆122Updated 8 years ago
- Import DynamoRIO drcov code coverage data into Ghidra☆44Updated last year
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- x86 bootloader emulation with Miasm (case of NotPetya)☆41Updated 6 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- ☆34Updated 4 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- Windows NT ioctl bruteforcer and modular fuzzer☆124Updated 6 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- Hyper-V Research is trendy now☆182Updated last year
- kernel pool windbg extension☆84Updated 10 years ago
- My repository to upload drivers from different books and all the information related to windows internals.☆157Updated 6 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Updated 7 years ago
- Simple library to spray the Windows Kernel Pool☆110Updated 5 years ago
- Hypervisor-based debugger☆189Updated 4 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Updated 5 years ago
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆56Updated 5 years ago
- Hyper-V scripts☆128Updated last month