VertexToEdge / WindowFunctionTracerLinks
Window Executable file Function tracer using Debugging API
☆44Updated 5 years ago
Alternatives and similar repositories for WindowFunctionTracer
Users that are interested in WindowFunctionTracer are comparing it to the libraries listed below
Sorting:
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- ☆14Updated 4 years ago
- ☆16Updated 5 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 10 months ago
- win32/x64 obfuscate framework☆32Updated 6 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 8 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- Shareds for kernel developement☆28Updated 11 years ago
- Wow64 syscall hook☆40Updated 8 years ago
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- unicorn emulator for x64dbg☆33Updated 7 years ago
- x64dbg Malware Plugin. Detect malicious materials☆15Updated 4 years ago
- Plugin for x64dbg to break on unresolved APIs.☆12Updated 7 years ago
- Headers for linking your software with ntdll.dll☆15Updated 4 years ago
- ☆19Updated 5 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Updated 7 years ago
- Figuring out the cause of a handle downgrade☆24Updated 2 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago
- ☆32Updated 6 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- Windows build files for the VMHunt Intel PIN Trace tool☆19Updated 6 years ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 3 years ago
- init☆13Updated 5 years ago
- User-mode program parsing logs created by HyperPlatform☆18Updated 8 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Remote memory library in C++17.☆31Updated 7 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- vmware-backdoor☆33Updated 3 years ago