arcana-technologies / arcana.elfscan
ELF binary forensics tool for APT, virus, backdoor and rootkit detection
☆42Updated 5 months ago
Related projects: ⓘ
- Slides, recordings and materials of my public presentations, talks and workshops.☆73Updated 2 months ago
- Dynamic-Static binary instrumentation framework on top of GDB☆48Updated 11 months ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆110Updated 4 months ago
- Shiva is a programmable dynamic linker for loading ELF microprograms☆29Updated last year
- ☆59Updated last week
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆110Updated last month
- Slides and Material for "SymbolicExecutionDemystified" Presentation @ Insomni'Hack 2022☆98Updated 2 years ago
- Binary exploitation by confusing the unwinder☆56Updated last year
- A tool for firmware cartography☆135Updated 6 months ago
- ☆56Updated last year
- Code injection from Linux kernel to a process☆19Updated last year
- ☆128Updated 7 months ago
- Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.☆151Updated 2 years ago
- ☆70Updated 2 months ago
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆84Updated last month
- A BinaryNinja plugin for contextual gadget analysis and semantic/hueristic based querying.☆43Updated 3 months ago
- Writeups for CTF challenges☆28Updated 10 months ago
- Kernel Read Write Execute☆85Updated 3 weeks ago
- ☆71Updated 5 months ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆43Updated 3 months ago
- Damn Vulenerable Kernel Module for kernel fuzzing☆46Updated 2 months ago
- Python bindings for BochsCPU☆33Updated last month
- A custom ELF linker/loader for installing ET_REL binary patches at runtime☆139Updated 2 weeks ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆106Updated 2 weeks ago
- SMM UEFI module and client for UMD privilege escalation☆28Updated last year
- ☆30Updated last year
- ☆65Updated 2 months ago
- Slides about HyperDbg☆28Updated 3 months ago
- Static Binary Instrumentation tool for Windows x64 executables☆176Updated last month
- Leveraging patch diffing to discover new vulnerabilities☆101Updated last year