baderj / practical-reverse-engineering

Related projects: ⓘ

• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆115Updated 5 years ago
• rrbranco / blackhat2012
  Blackhat 2012 Sample Codes
  ☆91Updated 8 years ago
• Fare9 / Windows-Internals
  My repository to upload drivers from different books and all the information related to windows internals.
  ☆153Updated 5 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆92Updated 2 years ago
• jthuraisamy / DIRT
  Driver Initial Reconnaissance Tool
  ☆119Updated 4 years ago
• MalwareTech / BasicHook
  x86 Inline hooking engine (using trampolines)
  ☆91Updated 9 years ago
• tandasat / scripts_for_RE
  Python scripts for reverse engineering.
  ☆178Updated 3 years ago
• LordNoteworthy / binary-auditing-solutions
  Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
  ☆74Updated 3 years ago
• HexHive / malWASH
  ☆112Updated 8 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆124Updated last year
• bruce30262 / TWindbg
  PEDA-like debugger UI for WinDbg
  ☆198Updated 5 months ago
• ionescu007 / HookingNirvana
  Recon 2015 Presentation from Alex Ionescu
  ☆228Updated 8 years ago
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆167Updated 7 months ago
• crappycrypto / wincrypto
  Windows Crypto API compatible decryption/encryption for python
  ☆47Updated last year
• fboldewin / COM-Code-Helper
  Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
  ☆177Updated 3 years ago
• williballenthin / idawilli
  IDA Pro resources, scripts, and configurations
  ☆110Updated 5 months ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆73Updated 9 years ago
• x64dbg / mona
  Fork of mona.py with x64dbg support
  ☆95Updated 2 years ago
• jthuraisamy / ioctlpus
  ☆107Updated 4 years ago
• MalwareTech / ZombifyProcess
  Inject code into a legitimate process
  ☆141Updated 9 years ago
• koutto / ioctlbf
  Windows Kernel Drivers fuzzer
  ☆289Updated 7 years ago
• tyranid / windows-logical-eop-workshop
  ☆227Updated 7 years ago
• maldevel / driver-loader
  Load a Windows Kernel Driver
  ☆89Updated 7 years ago
• saaramar / Deterministic_LFH
  Have fun with the LowFragmentationHeap
  ☆229Updated 3 years ago
• tandasat / WinIoCtlDecoder
  IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.
  ☆106Updated 9 months ago
• OALabs / frida-wshook
  Script analysis tool based on Frida.re
  ☆127Updated 7 years ago
• RolfRolles / FinSpyVM
  Static unpacker for FinSpy VM
  ☆97Updated 3 years ago
• raminfp / basicwindowskernelprogramming
  Basic Windows Kernel Programming
  ☆120Updated 4 years ago
• MagnetForensics / SwishDbgExt
  Incident Response & Digital Forensics Debugging Extension
  ☆367Updated 5 years ago