debasishm89 / qHooK
qHooK is a very simple Python script (dependent on pydbg) that hooks user-defined Win32 APIs in any process, monitors them while the process is running, and finally prepares a CSV report with various interesting information that can help a reverse engineer track down and analyse unknown exploit samples / shellcode.
☆21 Updated 10 years ago
Alternatives and similar repositories for qHooK:
Users that are interested in qHooK are comparing it to the libraries listed below
- IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph ☆25 Updated 11 years ago
- ☆28 Updated 7 years ago
- PyQt plugin for Ida Pro for Screen recording. ☆12 Updated 8 years ago
- ☆13 Updated 7 years ago
- Kernel Shellcode to add all privileges in token ☆13 Updated 8 years ago
- IDA Pro Plugins ☆19 Updated 9 years ago
- IDApro idc and idapython script collection ☆28 Updated last year
- OllyHeapTrace is a plugin for OllyDbg to trace the heap operations being performed by a process. ☆54 Updated 13 years ago
- Helper utility for debugging windows PE/PE+ loader. ☆52 Updated 10 years ago
- ☆12 Updated 10 years ago
- My commands and scripts extending WinDbg ☆34 Updated 3 weeks ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc. ☆25 Updated 12 years ago
- Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications ☆36 Updated 11 years ago
- Guest to host VM escape exploit for Parallels Desktop ☆28 Updated 10 years ago
- My conference presentations and publications ☆26 Updated 3 years ago
- IDA WhatAPIs PlugIn ☆7 Updated 9 years ago
- Solutions to HackSysExtremeVulnerableDriver challenges through my following of @FuzzySecurity's tutorials plus further explanations where n… ☆22 Updated 7 years ago
- WinEoP Exploitation Framework ☆24 Updated 9 years ago
- A dark theme for WinDBG. ☆35 Updated 10 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … ☆16 Updated 8 years ago
- Short for Good Ware; it assists Reverse Engineers in the analysis of Windows Malware. ☆24 Updated 12 years ago
- Logs instruction hits to a file which can be fed into IDA Pro to highlight which instructions were called. ☆41 Updated 11 years ago
- ☆24 Updated 9 years ago
- Packer for PE and ELF, 32 and 64bits. ☆22 Updated 11 years ago
- ASProtect reverse engineering & analysis WinDbg extension ☆22 Updated 4 years ago
- Collection of IDA Pro plugins I wrote over the years ☆23 Updated 14 years ago
- ☆22 Updated 6 years ago
- findLoop - find possible encryption/decryption or compression/decompression code ☆26 Updated 6 years ago
- PoC code for CVE-2018-9539 ☆18 Updated 6 years ago
- Shellcode tracer ☆15 Updated 8 years ago