benoitsevens / applying-ttd-to-malware-analysisView external linksLinks
Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
☆42Oct 23, 2019Updated 6 years ago
Alternatives and similar repositories for applying-ttd-to-malware-analysis
Users that are interested in applying-ttd-to-malware-analysis are comparing it to the libraries listed below
Sorting:
- Windbg extension that allows you analyze Control Flow Guard map☆38Oct 7, 2021Updated 4 years ago
- Network monitor for Linux☆13Aug 11, 2019Updated 6 years ago
- ☆12Feb 19, 2017Updated 8 years ago
- Utility for dumping all the information Capstone has on given instructions.☆23Oct 1, 2021Updated 4 years ago
- ☆12Aug 2, 2017Updated 8 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- enable libemu run pe file and add some good modify☆14Feb 4, 2019Updated 7 years ago
- My research environment based off of Microsoft's Singularity RDK/ Verve.☆16Nov 27, 2016Updated 9 years ago
- Kernel-mode file scanner☆19Jul 16, 2018Updated 7 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Reverse engineering toolkit for exploit/malware analysis☆35May 10, 2020Updated 5 years ago
- Diff tool for comparing symbols in PDB files☆84Mar 4, 2020Updated 5 years ago
- A small HTTP server written in C++ using IO Completion Ports.☆23Sep 13, 2017Updated 8 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- ☆35Jul 20, 2021Updated 4 years ago
- An API Monitor based on Instrumentation☆44Dec 19, 2017Updated 8 years ago
- Implement communication between c++ and javascript with IWebBrowser2☆21Jan 5, 2025Updated last year
- HAXM hypervisor client☆18Nov 30, 2018Updated 7 years ago
- Hyper-V Research is trendy now☆197May 6, 2024Updated last year
- Event Tracing for Windows Custom Events☆21Jan 28, 2015Updated 11 years ago
- collection of links related to using and improving windbg☆20Jun 17, 2018Updated 7 years ago
- ☆19Mar 16, 2017Updated 8 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Feb 2, 2018Updated 8 years ago
- A debugger for windows platform☆20Oct 31, 2018Updated 7 years ago
- ☆12Feb 8, 2021Updated 5 years ago
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation…☆13Oct 31, 2017Updated 8 years ago
- exploit of smt proxyoverflow bug, i.e. CVE-2018–10376☆10May 4, 2018Updated 7 years ago
- Listens for Firewall rule match events generated by Microsoft Hyper-V Virtual Filter Protocol (VFP) extension.☆31Jan 26, 2021Updated 5 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 6 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Sep 16, 2017Updated 8 years ago
- school project for learning cpu virtualize technology by understanding the blue pill project☆20Aug 14, 2015Updated 10 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Mar 30, 2019Updated 6 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆76Jun 8, 2019Updated 6 years ago
- Kernel heap pointer disclosure in IOGraphicsFamily.☆12Aug 19, 2017Updated 8 years ago
- A repository containing sample srop exploits and vulnerable binaries.☆12Sep 17, 2019Updated 6 years ago
- AMD SVM hypervisor rootkit proof of concept☆48Sep 23, 2023Updated 2 years ago
- An IdaPython tool for getting syscall's ID and function name from ntdll.dll, user32.dll, and so on.☆13Oct 2, 2016Updated 9 years ago
- MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices …☆11Jul 11, 2019Updated 6 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago