Starwarsfan2099 / PyWinDbg
Python-based 32-bit Windows debugger built for learning purposes. Currently includes breakpoint setting, register modification, process monitoring and inspection, file monitoring and hooking, DLL injection, shellcode injection, and crash detection.
☆13 Updated 4 years ago
Alternatives and similar repositories for PyWinDbg:
Users who are interested in PyWinDbg are comparing it to the libraries listed below:
- Kernel-Mode rootkit that connects to a remote server to send & recv commands ☆31 Updated 6 years ago
- ☆22 Updated 6 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine. ☆30 Updated 9 years ago
- Debugger checks in 3 ways ☆19 Updated 7 years ago
- an efficient yet easy to use network packet builder and parser ☆11 Updated 7 years ago
- A simple native code virtualizer for 32-bit Windows PE ☆15 Updated 9 years ago
- Windbg Utility Tools based upon PyKD ☆42 Updated 4 years ago
- find and kill injectedThreads from memory ☆10 Updated 9 years ago
- My solutions for random crackmes and other challenges ☆11 Updated 5 years ago
- qHooK is a very simple Python script (dependent on pydbg) which hooks user-defined Win32 APIs in any process and monitors them while process… ☆21 Updated 10 years ago
- Toy approach to VMProtect virtualization ☆15 Updated 6 years ago
- ☆21 Updated 6 years ago
- Windows x86 Hardware Breakpoint class for Windows >Vista ☆22 Updated 8 years ago
- Miscellaneous old Exploit code and PoCs ☆16 Updated 6 months ago
- Scripts for x64dbg to find the OEP of exe files packed with UPX ☆14 Updated 7 years ago
- ☆13 Updated 7 years ago
- Kernel (Ring0) - SSDT unhook driver ☆14 Updated 7 years ago
- findLoop - find possible encryption/decryption or compression/decompression code ☆26 Updated 6 years ago
- WhoCalls can query a directory of files, find the binaries, and search for a user-specified Win API import. It works with both 32-bit… ☆17 Updated 2 years ago
- IDA loader module for Hidden Bee's custom executable file format ☆20 Updated 6 years ago
- Today Plugin (x64) - A Plugin For x64dbg ☆13 Updated 6 years ago
- IDA PRO FLIRT signature files: sig files for MSVC2017 ☆15 Updated 6 years ago
- Zero Wine Tryouts: An open source malware analysis tool ☆17 Updated 8 years ago
- more at http://www.zer0mem.sk/?p=271 ☆12 Updated 11 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT. ☆19 Updated 9 years ago
- Kernel Shellcode to add all privileges in token ☆13 Updated 8 years ago
- Simple x64dbg plugin to show registers on every step. ☆16 Updated 5 years ago
- Windows hidden thread suspend POC with code injection ☆12 Updated 7 years ago
- ☆20 Updated 5 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings. ☆22 Updated 7 years ago