Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
☆42Oct 23, 2019Updated 6 years ago
Alternatives and similar repositories for applying-ttd-to-malware-analysis
Users that are interested in applying-ttd-to-malware-analysis are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Windbg extension that allows you analyze Control Flow Guard map☆38Oct 7, 2021Updated 4 years ago
- enable libemu run pe file and add some good modify☆14Feb 4, 2019Updated 7 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- Utility for dumping all the information Capstone has on given instructions.☆23Oct 1, 2021Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Network monitor for Linux☆13Aug 11, 2019Updated 6 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆28Mar 30, 2019Updated 6 years ago
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- ☆35Jul 20, 2021Updated 4 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆14Jan 16, 2019Updated 7 years ago
- A small HTTP server written in C++ using IO Completion Ports.☆24Sep 13, 2017Updated 8 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- Reverse engineering toolkit for exploit/malware analysis☆35May 10, 2020Updated 5 years ago
- Kernel-mode file scanner☆19Jul 16, 2018Updated 7 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Diff tool for comparing symbols in PDB files☆84Mar 4, 2020Updated 6 years ago
- Crystal Anti-Exploit Protection 2012☆37May 31, 2020Updated 5 years ago
- My research environment based off of Microsoft's Singularity RDK/ Verve.☆16Nov 27, 2016Updated 9 years ago
- collection of links related to using and improving windbg☆20Jun 17, 2018Updated 7 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- Listens for Firewall rule match events generated by Microsoft Hyper-V Virtual Filter Protocol (VFP) extension.☆31Jan 26, 2021Updated 5 years ago
- school project for learning cpu virtualize technology by understanding the blue pill project☆20Aug 14, 2015Updated 10 years ago
- ☆29May 10, 2020Updated 5 years ago
- Summit Route End Point Protection - Server code☆11Apr 10, 2016Updated 9 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Hyper-V Research is trendy now☆199May 6, 2024Updated last year
- ☆12Aug 2, 2017Updated 8 years ago
- Class implementation of PowerLoader injection technique☆32Dec 23, 2016Updated 9 years ago
- My RE challenge from Northsec 2018.☆14Jun 1, 2022Updated 3 years ago
- Event Tracing for Windows Custom Events☆21Jan 28, 2015Updated 11 years ago
- ☆11Feb 14, 2025Updated last year
- Kernel-Mode rootkit that connects to a remote server to send & recv commands☆33Sep 2, 2018Updated 7 years ago
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation…☆13Oct 31, 2017Updated 8 years ago
- A windbg extension for ASLR/DEP/SafeSEH check☆28May 19, 2018Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Implement communication between c++ and javascript with IWebBrowser2☆21Jan 5, 2025Updated last year
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Feb 2, 2018Updated 8 years ago
- An API Monitor based on Instrumentation☆43Dec 19, 2017Updated 8 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆76Jun 8, 2019Updated 6 years ago
- crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks☆111Dec 11, 2019Updated 6 years ago
- HAXM hypervisor client☆18Nov 30, 2018Updated 7 years ago
- Scripts targeting specific families☆13Jul 3, 2017Updated 8 years ago