axcheron / pycaveLinks
Simple tool to find code caves in Portable Executable (PE) files.
☆23Updated 6 years ago
Alternatives and similar repositories for pycave
Users that are interested in pycave are comparing it to the libraries listed below
Sorting:
- Small visualizator for PE files☆69Updated last year
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆68Updated 4 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 4 years ago
- An Xdbg Plugin of the ERC Library.☆26Updated last year
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Updated 4 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Updated 2 years ago
- PE File Blessing - To continue or not to continue☆87Updated 5 years ago
- Dumping credentials through windbg and pykd☆41Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Updated last year
- C++ DLL Bootstrapper for spinning up the CLR for C# Payloads☆44Updated 6 years ago
- How to set up 2 VirtualBox VM to debug kernel driver using windbg☆55Updated 3 years ago
- ☆71Updated 2 years ago
- Tools that trigger False Positive AV alerts☆50Updated 8 months ago
- Batch script to compile a binary shellcode blob into an exe file☆88Updated 6 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆111Updated 4 years ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆55Updated 3 weeks ago
- TrashDBG the world's worse debugger☆23Updated 3 years ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 5 years ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆125Updated 6 months ago
- A simple python implementation of a BITS server.☆105Updated 3 years ago
- Proxy system calls over an RPC channel☆99Updated 3 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- From directory deletion to SYSTEM shell☆111Updated 5 years ago
- Security Descriptor Definition Language (SDDL) Parser☆38Updated 5 years ago
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆15Updated 4 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated last year
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆166Updated last month
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆44Updated 4 years ago