badhive / alcaLinks
Rule Engine for Dynamic Malware Analysis and Research
☆25Updated 4 months ago
Alternatives and similar repositories for alca
Users that are interested in alca are comparing it to the libraries listed below
Sorting:
- ☆31Updated 5 months ago
- ☆49Updated 5 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆127Updated 2 months ago
- ☆88Updated 6 months ago
- Intel 64/Windows low-level experiments☆60Updated last month
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated 2 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆67Updated 4 months ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆80Updated 5 months ago
- A few examples of how to trap virtual memory access on Windows.☆33Updated 8 months ago
- ☆92Updated last year
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆87Updated last month
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆112Updated 3 weeks ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆108Updated 2 years ago
- Binary Ninja plugin to deobfuscate strings obfuscated with the Garble project☆34Updated 5 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆118Updated last year
- Crate for generating and hooking into proxy DLLs with Rust.☆26Updated this week
- ☆71Updated 2 years ago
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆24Updated 3 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated 11 months ago
- dynamic binary instrumentation, analysis, and patching framework☆93Updated this week
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆13Updated 4 months ago
- ☆57Updated 4 months ago
- "Service-less" driver loading☆159Updated 8 months ago
- Finding Truth in the Shadows☆116Updated 2 years ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆79Updated 2 months ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆125Updated 6 months ago
- Easy encrypt/decrypt data with TPM☆25Updated last year
- Plugin interface for remote communications with Binary Ninja database and MCP server for interfacing with LLMs.☆41Updated 3 months ago
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆36Updated last year
- Payload Obfuscation for Red Teams workshop materials☆53Updated 2 months ago