cylance / winapi-deobfuscation

Related projects ⓘ

Alternatives and complementary repositories for winapi-deobfuscation

• piotrflorczyk / cve-2018-8174_analysis
  Analysis of VBS exploit CVE-2018-8174
  ☆30Updated 6 years ago
• v-p-b / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆36Updated 6 years ago
• sam-b / HackSysDriverExploits
  ☆46Updated 7 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• 0xAlexei / Publications
  My conference presentations and publications
  ☆26Updated 2 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆44Updated 4 years ago
• MortenSchenk / RtlCaptureContext-CFG-Bypass
  Internet Explorer Exploit with CFG bypass for Windows 10
  ☆53Updated 7 years ago
• mxmssh / netafl
  winAFL patch to enable network-based apps fuzzing
  ☆37Updated 6 years ago
• IOActive / FuzzNDIS
  A Fuzzer for Windows NDIS Drivers OID Handlers
  ☆91Updated 3 years ago
• edeca / rtfraptor
  Extract OLEv1 objects from RTF files by instrumenting Word
  ☆51Updated 4 years ago
• Fare9 / Genaytyk-VM
  My notes about Genyatyk VM crackme
  ☆27Updated 4 years ago
• bnbdr / swisscheese
  Exploits for YARA 3.7.1 & 3.8.1
  ☆30Updated 5 years ago
• progmboy / kernel_vul_poc
  ☆31Updated 6 years ago
• fdfalcon / TypeIsolationDbg
  A little WinDbg extension to help dump the state of Win32k Type Isolation structures.
  ☆38Updated 6 years ago
• hugsy / hevd
  Public repository for HEVD exploits
  ☆20Updated 6 years ago
• hasherezade / flareon2019
  Flare-On solutions
  ☆36Updated 5 years ago
• season-lab / ropdissector
  A framework for static analysis of ROP exploits and programs
  ☆40Updated 5 years ago
• alexander-hanel / hansel
  Hansel - a simple but flexible search for IDA
  ☆26Updated 5 years ago
• siberas / CVE-2016-3309_Reloaded
  Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques
  ☆53Updated 7 years ago
• smgorelik / CIGslip
  A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…
  ☆18Updated 6 years ago
• CENSUS / windows_10_rs2_rs3_exploitation_primitives
  Windows 10 RS2/RS3 exploitation primitives based on the OffensiveCon 2018 talk
  ☆55Updated 6 years ago
• tetrane / reven2-resources
  reven2-scripts contains a set of REVEN scripts to automate timeless-analysis on REVEN traces.
  ☆30Updated 2 years ago
• progmboy / cansecwest2017
  ☆62Updated 7 years ago
• tenable / mIDA
  ☆33Updated last year
• niklasb / elgoog
  elgoog/searchme challenge from 34C3 CTF / WCTF 2018: sources & exploit
  ☆67Updated 6 years ago
• andreafioraldi / r2angrdbg
  Use angr inside the radare2 debugger. Create an angr state from the current debugger state.
  ☆34Updated 5 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• 4B5F5F4B / HyperV
  PoC for CVE-2017-0075
  ☆36Updated 5 years ago
• rogue-kdc / CVE-2019-1253
  ☆49Updated 5 years ago