XaFF-XaFF / WinREPL
WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
☆14 · Updated 2 years ago
Alternatives and similar repositories for WinREPL:
Users that are interested in WinREPL are comparing it to the libraries listed below
- An Assembly x86 code that shows Windows MessageBox kept as simple as possible. ☆11 · Updated 2 years ago
- Using Thread Description To Hide Shellcodes ☆14 · Updated 2 years ago
- Implementation of ITaskHandler in C++ ☆13 · Updated 2 years ago
- Tools for analyzing Windows containers and breaking container isolation ☆31 · Updated 2 years ago
- automates exploits using ROP chains, using ntdll-scraper ☆16 · Updated 2 years ago
- An attempt at reversing WindowsDefender ☆20 · Updated 6 months ago
- Subtract one PE file from another! ☆21 · Updated 3 years ago
- run process as PPL Antimalware ☆10 · Updated last year
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆39 · Updated 4 years ago
- XOrCryptEx lightweight C Utility/Algorithm ☆11 · Updated 3 years ago
- genpatch is an IDA plugin that generates a Python script for patching a binary ☆32 · Updated last year
- Code Integrity Violation Spotter ☆16 · Updated 10 months ago
- Hardware Spoofing & VirtualBox-Hardening x64 Bootkit ☆16 · Updated 2 years ago
- WinXPSP2.Cermalus on steroids, supporting all 32-bit Windows versions. Windows Kernel Virus stuff for noobs ☆18 · Updated last year
- Simple .NET profiler shellcode loader ☆10 · Updated 3 years ago
- Non organized Cpp code files I used for my research on Windows ☆18 · Updated 4 years ago
- Disable the file and registry protection of malicious drivers ☆12 · Updated 2 years ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process ☆17 · Updated 2 years ago
- Dangling COM Keys Finder ☆17 · Updated 3 years ago
- An example of how to use Microsoft Windows Warbird technology ☆27 · Updated last year
- A PE morphing tool that allows you to mimic one executable file to another. ☆11 · Updated last year
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode ☆19 · Updated last year
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124) ☆21 · Updated 5 months ago
- C code to enable ETW tracing for Dotnet Assemblies ☆31 · Updated 2 years ago