Salvaging Static Analysis
☆86 · Jun 7, 2019 · Updated 6 years ago
Alternatives and similar repositories for SalSA
Users that are interested in SalSA are comparing it to the libraries listed below
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 · Mar 13, 2017 · Updated 8 years ago
- Windows kernel-mode callbacks tutorial driver ☆48 · Aug 8, 2016 · Updated 9 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology. ☆10 · Feb 26, 2026 · Updated last week
- idenLib (Library Function Identification) plugin for x32dbg ☆41 · Feb 26, 2019 · Updated 7 years ago
- A Windows native DLL injection library written in C# that supports several methods of injection. ☆13 · Dec 17, 2018 · Updated 7 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily ☆14 · Oct 10, 2018 · Updated 7 years ago
- Zerokit shared code ☆17 · Mar 28, 2019 · Updated 6 years ago
- The exploit for Panda AV LPE ☆37 · May 22, 2019 · Updated 6 years ago
- Process / thread-level system call tracer for Windows 7 / 8 / 2008 / 2012 ☆21 · May 19, 2015 · Updated 10 years ago
- Analysis and Modification Tool for Executables ☆17 · Mar 28, 2019 · Updated 6 years ago
- Provides a way which you can load a .NET dll/exe from disk, modify/inject IL, and then run the assembly all in memory without modifying t… ☆29 · Mar 31, 2017 · Updated 8 years ago
- penter hook example and driver time recorder ☆31 · Oct 2, 2017 · Updated 8 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating ☆27 · May 21, 2014 · Updated 11 years ago
- ☆117 · Nov 11, 2012 · Updated 13 years ago
- Disassembler Library for x86 and x86-64 ☆15 · Apr 7, 2020 · Updated 5 years ago
- Windbg extension that allows you to analyze Control Flow Guard map ☆38 · Oct 7, 2021 · Updated 4 years ago
- Analysing and defeating PatchGuard universally ☆36 · Nov 4, 2020 · Updated 5 years ago
- Class implementation of PowerLoader injection technique ☆32 · Dec 23, 2016 · Updated 9 years ago
- An IDA plugin to enable linking to locations in an IDB with a disas:// URI ☆33 · Oct 18, 2023 · Updated 2 years ago
- Kernel mode windows NT API logger ☆22 · Sep 9, 2019 · Updated 6 years ago
- Using Undocumented NTDLL Functions to Read/Write/Delete File ☆18 · Jan 25, 2021 · Updated 5 years ago
- Some crazy PE executables protection kernel driver ☆20 · May 2, 2020 · Updated 5 years ago
- Framework to automatically test and explore the capabilities of generic AV engines ☆70 · Jan 15, 2019 · Updated 7 years ago
- ☆31 · Oct 31, 2018 · Updated 7 years ago
- The Windows 10 LPE exploit written by SandboxEscaper ☆110 · Oct 2, 2018 · Updated 7 years ago
- ☆53 · Oct 27, 2018 · Updated 7 years ago
- Shareds for kernel development ☆29 · Dec 23, 2013 · Updated 12 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection ☆35 · Aug 3, 2018 · Updated 7 years ago
- An API Monitor based on Instrumentation ☆43 · Dec 19, 2017 · Updated 8 years ago
- User-mode part of Zerokit platform ☆22 · Mar 30, 2019 · Updated 6 years ago
- xLCB plugin for x64dbg ☆20 · Oct 4, 2016 · Updated 9 years ago
- A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain ☆25 · Apr 14, 2018 · Updated 7 years ago
- This is a simple driver with x64 inline assembly ☆55 · Jun 26, 2020 · Updated 5 years ago
- Hypervisor-based debugger ☆191 · Dec 2, 2020 · Updated 5 years ago
- Security Evaluation of Dynamic Binary Instrumentation Engines ☆82 · Sep 1, 2018 · Updated 7 years ago
- Various IDC-scripts I've collected during the years. ☆139 · Sep 5, 2014 · Updated 11 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern. ☆32 · Jul 31, 2018 · Updated 7 years ago
- Lua Extension for Windbg ☆21 · Oct 22, 2018 · Updated 7 years ago
- Anti-Anti-VM solution via Windows Driver ☆62 · May 8, 2018 · Updated 7 years ago