debasishm89 / qHooKLinks
qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.
☆21Updated 10 years ago
Alternatives and similar repositories for qHooK
Users that are interested in qHooK are comparing it to the libraries listed below
Sorting:
- Anti-Anti-Debugger Plugins☆20Updated 12 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine.☆29Updated 10 years ago
- OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.☆54Updated 14 years ago
- Windbg Utility Tools based upon PyKD☆42Updated 5 years ago
- PEAnalyser is an open source PE file analysis tool.☆11Updated 5 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 6 years ago
- ASProtect reverse engineering & analysis WinDbg extension☆23Updated 5 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆18Updated 9 years ago
- A simple API monitor for Windbg☆65Updated 8 years ago
- Solutions to HackSysExtremeVulnerableDriver challenges though my following of @FuzzySecurity's tutorials plus futher explanations where n…☆22Updated 8 years ago
- OllyHeapTrace is a plugin for OllyDbg to trace the heap operations being performed by a process.☆55Updated 14 years ago
- Fetch and set configuration values for IDA Plugins☆25Updated 3 weeks ago
- IDA Pro Plugins☆19Updated 10 years ago
- OllySocketTrace is a plugin for OllyDbg to trace the socket operations being performed by a process.☆63Updated 14 years ago
- crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks☆111Updated 6 years ago
- A collection of tools for injecting DSOs in processes under various operating systems☆51Updated 3 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆26Updated 13 years ago
- Create and use macros in IDA's CLIs☆66Updated last week
- Reverse engineering toolkit for exploit/malware analysis☆35Updated 5 years ago
- IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph☆26Updated 12 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆32Updated 8 years ago
- IDA script for vmprotect Windows Api address decoder☆52Updated 4 years ago
- The tool to decode obfuscated shellcodes using the unicorn and capstone engine☆55Updated 9 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Updated 6 years ago
- ☆34Updated 8 years ago
- Windows Inline function hooking library targeted at MSVC☆27Updated 9 years ago
- IDA PRO FLIRT signature files MSVC2017的sig文件☆14Updated 6 years ago
- ☆18Updated 6 months ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.☆65Updated 13 years ago
- Kernel Shellcode to add all privileges in token☆15Updated 8 years ago