debasishm89 / qHooK
qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.
☆21Updated 9 years ago
Related projects ⓘ
Alternatives and complementary repositories for qHooK
- IDA Pro Plugins☆19Updated 9 years ago
- API logger plugin for Intel Pintool☆14Updated 7 years ago
- ☆28Updated 7 years ago
- Windows Inline function hooking library targeted at MSVC☆26Updated 8 years ago
- Intel PIN rocks☆15Updated 12 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 5 years ago
- My commands and scripts extending WinDbg☆28Updated 2 months ago
- Kernel Shellcode to add all privileges in token☆13Updated 7 years ago
- Short for Good Ware; it assists Reverse Engineers in the analysis of Windows Malware.☆24Updated 12 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 12 years ago
- ASProtect reverse engineering & analysis WinDbg extension☆20Updated 4 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Updated 6 years ago
- A tool evaluates security configurations of a given PE based on SDL without source code☆12Updated 10 years ago
- Logs instruction hits to a file which can be fed into IDA Pro to highlight which instructions were called.☆41Updated 11 years ago
- ☆33Updated 7 years ago
- PyQt plugin for Ida Pro for Screen recording.☆12Updated 8 years ago
- IDA WhatAPIs PlugIn☆7Updated 9 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆21Updated 7 years ago
- Anti-Anti-Debugger Plugins☆18Updated 11 years ago
- My conference presentations and publications☆26Updated 2 years ago
- Solutions to HackSysExtremeVulnerableDriver challenges though my following of @FuzzySecurity's tutorials plus futher explanations where n…☆21Updated 7 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 8 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine.☆30Updated 8 years ago
- Shellcode tracer☆15Updated 8 years ago
- IDA PRO FLIRT signature files MSVC2017的sig文件☆15Updated 5 years ago
- IDApro idc and idapython script collection☆28Updated last year