cylance / winapi-deobfuscation
Towards Generic Deobfuscation of Windows API Calls
☆50Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for winapi-deobfuscation
- Analysis of VBS exploit CVE-2018-8174☆30Updated 6 years ago
- Tools for instrumenting Windows Defender's mpengine.dll☆36Updated 6 years ago
- ☆46Updated 7 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆39Updated 5 years ago
- My conference presentations and publications☆26Updated 2 years ago
- ☆44Updated 4 years ago
- Internet Explorer Exploit with CFG bypass for Windows 10☆53Updated 7 years ago
- winAFL patch to enable network-based apps fuzzing☆37Updated 6 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆91Updated 3 years ago
- Extract OLEv1 objects from RTF files by instrumenting Word☆51Updated 4 years ago
- My notes about Genyatyk VM crackme☆27Updated 4 years ago
- Exploits for YARA 3.7.1 & 3.8.1☆30Updated 5 years ago
- ☆31Updated 6 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures.☆38Updated 6 years ago
- Public repository for HEVD exploits☆20Updated 6 years ago
- Flare-On solutions☆36Updated 5 years ago
- A framework for static analysis of ROP exploits and programs☆40Updated 5 years ago
- Hansel - a simple but flexible search for IDA☆26Updated 5 years ago
- Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques☆53Updated 7 years ago
- A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…☆18Updated 6 years ago
- Windows 10 RS2/RS3 exploitation primitives based on the OffensiveCon 2018 talk☆55Updated 6 years ago
- reven2-scripts contains a set of REVEN scripts to automate timeless-analysis on REVEN traces.☆30Updated 2 years ago
- ☆62Updated 7 years ago
- ☆33Updated last year
- elgoog/searchme challenge from 34C3 CTF / WCTF 2018: sources & exploit☆67Updated 6 years ago
- Use angr inside the radare2 debugger. Create an angr state from the current debugger state.☆34Updated 5 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated last year
- PoC for CVE-2017-0075☆36Updated 5 years ago
- ☆49Updated 5 years ago