avast / pe_tools

Related projects ⓘ

Alternatives and complementary repositories for pe_tools

• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆57Updated 3 months ago
• mgeeky / PE-library
  Lightweight Portable Executable parsing library and a demo peParser application.
  ☆75Updated last year
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆47Updated 2 months ago
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆62Updated 2 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆41Updated last month
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆85Updated 9 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆34Updated 4 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated last year
• magnusstubman / dll-exports
  Collection of DLL function export forwards for DLL export function proxying
  ☆91Updated last year
• ytk2128 / pe32-password
  Sample project that encrypts windows 32-bit executables with password
  ☆52Updated 2 years ago
• mathisvickie / CVE-2021-21551
  arbitrary kernel read/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority/system
  ☆53Updated 3 years ago
• rad9800 / VehApiResolve
  ☆98Updated 2 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 3 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 3 years ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆50Updated 7 years ago
• jeperez / WinREPL
  x86 and x64 assembly "read-eval-print loop" for Windows
  ☆26Updated 7 years ago
• libyal / libmdmp
  Library and tools to access the Windows Minidump (MDMP) format
  ☆38Updated 4 months ago
• jonaslyk / temp
  ☆65Updated last year
• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆74Updated 4 years ago
• Coldzer0 / TinyPDBParser
  Windows PDB Parser using Imagehlp library.
  ☆16Updated 2 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 3 years ago
• zodiacon / winnativeapibooksamples
  Samples from my book Windows Native API programming
  ☆57Updated 4 months ago
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• tandasat / CVE-2022-25949
  A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.
  ☆36Updated 2 years ago
• 0xMegaByte / COM-Explained
  ☆27Updated 2 years ago
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆44Updated 5 months ago
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆49Updated last year
• ionescu007 / r0ak
  ☆28Updated 6 years ago