debasishm89 / qHooK
qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.
☆21Updated 10 years ago
Alternatives and similar repositories for qHooK:
Users that are interested in qHooK are comparing it to the libraries listed below
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 5 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine.☆30Updated 9 years ago
- ☆28Updated 7 years ago
- IDApro idc and idapython script collection☆28Updated last year
- Screen recorder for x64dbg, for recording screen while debugging.☆11Updated 8 years ago
- Kernel Shellcode to add all privileges in token☆13Updated 7 years ago
- ASProtect reverse engineering & analysis WinDbg extension☆20Updated 4 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Updated 6 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 7 years ago
- IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph☆25Updated 11 years ago
- My commands and scripts extending WinDbg☆30Updated 2 months ago
- POC for cve-2019-1458☆21Updated 4 years ago
- IDA Pro Plugins☆19Updated 9 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- IDA PRO FLIRT signature files MSVC2017的sig文件☆15Updated 5 years ago
- ☆22Updated 4 years ago
- Malwarebytes Antivirus CVE☆8Updated 6 years ago
- Windows Inline function hooking library targeted at MSVC☆26Updated 8 years ago
- Logs instruction hits to a file which can be fed into IDA Pro to highlight which instructions were called.☆40Updated 11 years ago
- ☆22Updated 6 years ago
- My conference presentations and publications☆26Updated 2 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆16Updated 8 years ago
- Short for Good Ware; it assists Reverse Engineers in the analysis of Windows Malware.☆24Updated 12 years ago
- A windbg extension for ASLR/DEP/SafeSEH check☆25Updated 6 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 7 years ago
- ☆14Updated 6 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Updated 7 years ago
- wow64 syscall filter☆13Updated 10 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 12 years ago
- ☆11Updated 9 years ago