cylance / winapi-deobfuscation

Related projects ⓘ

Alternatives and complementary repositories for winapi-deobfuscation

• bnbdr / swisscheese
  Exploits for YARA 3.7.1 & 3.8.1
  ☆30Updated 5 years ago
• 0xAlexei / Publications
  My conference presentations and publications
  ☆26Updated 2 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• mxmssh / netafl
  winAFL patch to enable network-based apps fuzzing
  ☆37Updated 6 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆44Updated 4 years ago
• williballenthin / idawilli
  IDA Pro resources, scripts, and configurations
  ☆111Updated 8 months ago
• tetrane / reven2-resources
  reven2-scripts contains a set of REVEN scripts to automate timeless-analysis on REVEN traces.
  ☆30Updated 2 years ago
• v-p-b / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆36Updated 6 years ago
• edeca / rtfraptor
  Extract OLEv1 objects from RTF files by instrumenting Word
  ☆51Updated 5 years ago
• siberas / CVE-2016-3309_Reloaded
  Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques
  ☆53Updated 7 years ago
• piotrflorczyk / cve-2018-8174_analysis
  Analysis of VBS exploit CVE-2018-8174
  ☆30Updated 6 years ago
• hasherezade / flareon2019
  Flare-On solutions
  ☆36Updated 5 years ago
• MortenSchenk / RtlCaptureContext-CFG-Bypass
  Internet Explorer Exploit with CFG bypass for Windows 10
  ☆53Updated 7 years ago
• n1ght-w0lf / QilingForMalwareAnalysis
  Code snippets for Qiling Tutorials
  ☆20Updated 4 years ago
• IOActive / FuzzNDIS
  A Fuzzer for Windows NDIS Drivers OID Handlers
  ☆91Updated 3 years ago
• aguinet / miasm-bootloader
  x86 bootloader emulation with Miasm (case of NotPetya)
  ☆40Updated 5 years ago
• quarkslab / whvp
  PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components
  ☆68Updated 3 years ago
• danielplohmann / empty_msvc
  A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.
  ☆30Updated 5 months ago
• rogue-kdc / CVE-2019-1253
  ☆49Updated 5 years ago
• fdfalcon / TypeIsolationDbg
  A little WinDbg extension to help dump the state of Win32k Type Isolation structures.
  ☆38Updated 6 years ago
• alexander-hanel / hansel
  Hansel - a simple but flexible search for IDA
  ☆26Updated 5 years ago
• carter-yagemann / vmi-unpack
  VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.
  ☆54Updated 4 years ago
• wmliang / windowsland
  HITCON CTF 2018
  ☆45Updated 6 years ago
• Fare9 / Genaytyk-VM
  My notes about Genyatyk VM crackme
  ☆27Updated 4 years ago
• Brandon-Everhart / AngryIDA
  Python based angr plug in for IDA Pro.
  ☆34Updated 6 years ago
• reb311ion / emerald
  Import DynamoRIO drcov code coverage data into Ghidra
  ☆42Updated 11 months ago
• wy666444 / auto_rop
  ARG: Automatic ROP chains Generation
  ☆22Updated 5 years ago
• CENSUS / windows_10_rs2_rs3_exploitation_primitives
  Windows 10 RS2/RS3 exploitation primitives based on the OffensiveCon 2018 talk
  ☆55Updated 6 years ago