debasishm89 / qHooKLinks
qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.
☆21Updated 10 years ago
Alternatives and similar repositories for qHooK
Users that are interested in qHooK are comparing it to the libraries listed below
Sorting:
- Scripts for x64dbg to find the OEP of exe files packed with UPX☆14Updated 7 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 6 years ago
- Sample debugger for x86 and x64☆4Updated 2 years ago
- IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph☆25Updated 12 years ago
- ASProtect reverse engineering & analysis WinDbg extension☆22Updated 4 years ago
- Screen recorder for x64dbg, for recording screen while debugging.☆11Updated 8 years ago
- Kernel Shellcode to add all privileges in token☆13Updated 8 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine.☆29Updated 9 years ago
- Windows Inline function hooking library targeted at MSVC☆27Updated 8 years ago
- ☆12Updated 10 years ago
- ☆22Updated 4 years ago
- PEAnalyser is an open source PE file analysis tool.☆11Updated 4 years ago
- Window Executable file Function tracer using Debugging API☆44Updated 5 years ago
- Short for Good Ware; it assists Reverse Engineers in the analysis of Windows Malware.☆24Updated 13 years ago
- IDApro idc and idapython script collection☆28Updated last year
- A fork from http://create.stephan-brumme.com/hash-library/.☆15Updated last year
- A C/C++ code obfuscator based on llvm/clang technology☆16Updated 10 years ago
- Anti-Anti-Debugger Plugins☆19Updated 11 years ago
- Simple tool for unpacking packed/protected malware executables.☆33Updated 13 years ago
- OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.☆53Updated 13 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆36Updated 9 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆31Updated 8 years ago
- IDA loader module for Hidden Bee's custom executable file format☆20Updated 6 years ago
- ☆33Updated 6 years ago
- ☆28Updated 8 years ago
- Windows inject☆16Updated 7 years ago
- A simple native code virtualizer for 32-bit Windows PE☆15Updated 9 years ago
- API logger plugin for Intel Pintool☆14Updated 7 years ago
- Windows x86 Hardware Breakpoint class for Windows >Vista☆22Updated 8 years ago
- Packer for PE and ELF, 32 and 64bits.☆22Updated 11 years ago