enkomio / thematrix
a PE Loader and Windows API tracer. Useful in malware analysis.
☆138Updated 2 years ago
Alternatives and similar repositories for thematrix:
Users that are interested in thematrix are comparing it to the libraries listed below
- MalUnpack companion driver☆93Updated 7 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆114Updated last year
- ☆70Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆115Updated 7 months ago
- ☆141Updated last year
- Binary Ninja plugin for exploring Structured Exception Handlers☆81Updated 8 months ago
- ☆94Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆243Updated 2 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆196Updated last week
- Small visualizator for PE files☆67Updated last year
- C# Utilities for Windows Notification Facility☆128Updated 2 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆125Updated 5 months ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆148Updated last year
- Parse .NET executable files.☆75Updated 2 weeks ago
- Abusing exceptions for code execution.☆109Updated 2 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆186Updated 3 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆107Updated 3 years ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆118Updated this week
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 2 years ago
- Recon 2023 slides and code☆79Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆68Updated 9 months ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆74Updated 3 years ago
- Writeups for CTF challenges☆30Updated last year
- Unofficial Common Log File System (CLFS) Documentation☆169Updated 3 years ago
- Run Processes as PPL with ELAM☆153Updated 2 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆75Updated 6 months ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆160Updated this week
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider☆169Updated 2 years ago
- ☆157Updated 3 years ago