TalBlum / Anti-DisassemblyLinks
A collection of anti disassembly techniques
☆19Updated 7 years ago
Alternatives and similar repositories for Anti-Disassembly
Users that are interested in Anti-Disassembly are comparing it to the libraries listed below
Sorting:
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Resources from my journey into Windows binary exploitation☆22Updated 6 years ago
- Code injection via delay load libraries☆35Updated 7 years ago
- NoREpls - Application designed for the purposes of reverse engineering.☆11Updated 6 years ago
- Using Undocumented NTDLL Functions to Read/Write/Delete File☆18Updated 4 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- ☆20Updated 5 years ago
- ☆45Updated 7 years ago
- A python metamorphic engine for PE/PE+ files.☆15Updated 2 years ago
- Static analysis tools for x86 assembly☆13Updated 8 years ago
- ☆16Updated 11 years ago
- ☆22Updated 4 years ago
- My collection of unpackers for malware packers/crypters☆28Updated 7 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆38Updated 8 years ago
- A wrapper for capstone for bearparser☆14Updated 2 years ago
- Currently proof-of-concept☆17Updated 3 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- ☆36Updated 6 years ago
- Analysis and Modification Tool for Executables☆17Updated 6 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 6 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 3 years ago
- Proof of concept open source implementation of an UAC bypass exploit, based in 2 windows failures.☆12Updated 5 years ago
- Kernel mode windows NT API logger☆22Updated 5 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 8 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆26Updated 6 years ago
- User-mode part of Zerokit platform☆20Updated 6 years ago
- Will try to put here slides from now on when I give a talk☆24Updated 3 years ago
- ☆34Updated 7 years ago