Wker666 / exe-analyzer
一款64位Exe程序动态追踪执行流程以及保存信息的工具
☆40Updated 3 months ago
Alternatives and similar repositories for exe-analyzer:
Users that are interested in exe-analyzer are comparing it to the libraries listed below
- 《Windows 内核安全编程技术实践》 系列丛书,��探索 Anti RootKit 反内核工具核心原理与技术实现细节。☆46Updated 2 years ago
- ☆82Updated 4 years ago
- 使用 Intel 虚拟化特性实现应用层HOOK☆57Updated 2 months ago
- ☆82Updated 2 weeks ago
- 大数字驱动逆向代码☆71Updated last year
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆45Updated 4 months ago
- ☆26Updated last year
- shellcode 生成框架☆250Updated 2 years ago
- Mhy Exp (exploit signed driver)☆140Updated 2 years ago
- 一个用来做windows内核hook的框架☆83Updated 10 months ago
- 尽量汇聚反调试资源和利用对抗技术☆176Updated 8 months ago
- 研究和移除各种内核回调,在anti anti cheat的路上越走越远☆172Updated 2 years ago
- Radical Windows ARK☆219Updated 2 months ago
- 利用物理内存映射,实现虚拟内存的伪隐藏☆81Updated 2 years ago
- ☆17Updated 2 years ago
- IDA Pro plugin AntiXorstr☆108Updated this week
- Obfuscator-LLVM for LLVM 16.x branch☆193Updated last year
- 整合Pluto-Obfuscator和goron部分混淆,移植到LLVM-16.0.x,使用NewPassManager☆119Updated last year
- ☆197Updated last year
- Win7内核私有符号结构转储☆67Updated 3 years ago
- IDA高级技巧 API符号自动识别库 IDASignMaker☆128Updated 4 years ago
- 滴水中级内核学习☆28Updated last year
- 非编译时代码混淆,包括代码块拆分、代码乱序、常量加密、代码变异、抹除jcc、局部混淆等,主要提供框架以及思路☆30Updated last year
- 隐藏可执行内存☆246Updated 11 months ago
- Example of reading process memory through kernel special APC☆101Updated last year
- Ida pro plugin. The antiVM aims to quickly identify anti-virtual machine and anti-sandbox behavior. This can speed up malware analysis.☆38Updated 2 years ago
- ☆60Updated 4 months ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆107Updated 2 years ago
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆84Updated last week
- An IDA pro plugin to display user-added comments in disassembly and pseudocode views.☆79Updated last year