ek0 / hxemu
Triton based symbolic emulator
☆16Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for hxemu
- ☆21Updated 4 months ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Updated last year
- Currently proof-of-concept☆16Updated 2 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆61Updated last year
- ☆15Updated last year
- ollvm 4.0 using clang 10.0.1☆13Updated 3 years ago
- a code virtualizer based on angr☆27Updated last year
- Binary Ninja plugin for automating VMProtect analysis☆57Updated last year
- Application Verifier Dynamic Fault Injection☆34Updated last month
- Some drivers I've written while solving exercises from Practical Reverse Engineering☆14Updated 2 years ago
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆22Updated last year
- Windbg extension that allows you analyze Control Flow Guard map☆36Updated 3 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- A driver to implement IOCTL hooking☆23Updated 2 years ago
- ☆19Updated 7 years ago
- idax: IDASDK extension libraries☆17Updated 3 months ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆18Updated last month
- genpatch is IDA plugin that generates a python script for patching binary☆31Updated 11 months ago
- A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.☆36Updated 2 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆19Updated 2 years ago
- ☆16Updated 2 years ago
- Bootkits☆19Updated last year
- A documentation of several Tigress obfuscation passes and an attempt to simplify Mixed Boolean-Arithmetic (MBA) expressions.☆21Updated 2 years ago
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆47Updated 3 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆22Updated 4 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆27Updated 6 months ago
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection…☆13Updated 2 years ago
- ☆36Updated 2 years ago
- ☆16Updated last month