debasishm89 / qHooK
qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.
☆21Updated 10 years ago
Alternatives and similar repositories for qHooK
Users that are interested in qHooK are comparing it to the libraries listed below
Sorting:
- Kernel Shellcode to add all privileges in token☆13Updated 8 years ago
- API logger plugin for Intel Pintool☆14Updated 7 years ago
- ☆28Updated 7 years ago
- Guest to host VM escape exploit for Parallels Desktop☆28Updated 10 years ago
- ☆12Updated 10 years ago
- reversed emet tool☆24Updated 12 years ago
- Solutions to HackSysExtremeVulnerableDriver challenges though my following of @FuzzySecurity's tutorials plus futher explanations where n…☆22Updated 7 years ago
- TrueCrypt 7.2 — (Source Codes)☆8Updated 8 years ago
- IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph☆25Updated 11 years ago
- 파일시스템 미니필터 드라이버 (교육용 코드)☆6Updated 6 years ago
- ☆12Updated 7 years ago
- wow64 syscall filter☆13Updated 10 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- IDA PRO FLIRT signature files MSVC2017的sig文件☆15Updated 6 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 12 years ago
- Sample debugger for x86 and x64☆4Updated 2 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Updated 6 years ago
- Cross-Qt compatibility module for IDAPython.☆13Updated 5 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Short for Good Ware; it assists Reverse Engineers in the analysis of Windows Malware.☆24Updated 12 years ago
- ☆14Updated 7 years ago
- Framework complet d'analyse de malware☆12Updated 9 years ago
- meta op for pe file☆11Updated 8 years ago
- Intel PIN rocks☆15Updated 12 years ago
- A couple of little tools I've made for working with Windows Drivers☆15Updated 9 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 6 years ago
- IDA WhatAPIs PlugIn☆7Updated 9 years ago
- an efficient yet easy to use network packet builder and parser☆11Updated 7 years ago
- Demos presented on Hackerfest 2015☆14Updated 9 years ago