XaFF-XaFF / WinREPL
WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
☆10 Updated 2 years ago
Related projects
Alternatives and complementary repositories for WinREPL
- Using Thread Description To Hide Shellcodes ☆13 Updated 2 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆37 Updated 3 years ago
- Subtract one PE file from another! ☆19 Updated 3 years ago
- An attempt at reversing WindowsDefender ☆20 Updated last month
- Yet another Windows DLL injector. ☆38 Updated 2 years ago
- XOrCryptEx lightweight C Utility/Algorithm ☆11 Updated 2 years ago
- Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules. ☆18 Updated last year
- Some drivers I've written while solving exercises from Practical Reverse Engineering ☆14 Updated 2 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval. ☆18 Updated last month
- Hooking Heavens Gate in a weekend ☆13 Updated 2 years ago
- automates exploits using ROP chains, using ntdll-scraper ☆16 Updated 2 years ago
- Process injection via KernelCallbackTable ☆14 Updated 2 years ago
- Code Integrity Violation Spotter ☆17 Updated 5 months ago
- Experiment with d_olex's firmware and conducting "preboot" attack ☆15 Updated last year
- Disable the file and registry protection of malicious drivers ☆11 Updated 2 years ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77. ☆36 Updated 2 years ago
- Implementation of ITaskHandler in C++ ☆12 Updated last year
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… ☆22 Updated 4 years ago
- An example of Windows self-replicating malware. ☆10 Updated last year
- A kernel mode Windows rootkit in development. ☆49 Updated 2 years ago
- Collection of IDA helpers ☆15 Updated 2 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1 ☆31 Updated 2 years ago
- genpatch is an IDA plugin that generates a Python script for patching a binary ☆31 Updated 10 months ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress ☆19 Updated 2 years ago