enkomio / sacaraLinks
Sacara VM
☆122Updated 5 years ago
Alternatives and similar repositories for sacara
Users that are interested in sacara are comparing it to the libraries listed below
Sorting:
- A binary analysis framework☆132Updated 4 years ago
- .NET runtime inspector☆270Updated 6 years ago
- .NET instrumentation framework☆72Updated 7 years ago
- A simple utility to list all methods of a given .NET Assembly and to invoke them☆74Updated 3 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- Sample use cases of the .NET native code hooking technique☆212Updated 7 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆85Updated 3 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆91Updated 6 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆91Updated 10 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆116Updated 6 years ago
- Windows API tracer for malware (oldname: unitracer)☆118Updated 7 years ago
- Security Research and Development Framework☆106Updated 9 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- kernel exploitation helper class☆77Updated 8 years ago
- Static unpacker for FinSpy VM☆101Updated 3 years ago
- Grep-like WinDbg extension☆44Updated 8 years ago
- Flare-On solutions☆36Updated 5 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆38Updated 11 years ago
- An obfuscation engine which obfuscates Intel x86 32-bit binary code.☆55Updated 7 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- ☆216Updated 7 years ago
- Diff tool for comparing symbols in PDB files☆83Updated 5 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆73Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- Exploit code used for the HackSysExtremeVulnerableDriver.☆43Updated 6 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆151Updated 6 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆98Updated 8 years ago
- Some example source code for fixed IE11 sandbox escapes.☆141Updated 10 years ago