Tool to view and create Microsoft shim database files (SDB).
☆119 · May 11, 2017 · Updated 8 years ago
Alternatives and similar repositories for sdb-explorer
Users that are interested in sdb-explorer are comparing it to the libraries listed below
- ☆18 · Mar 28, 2015 · Updated 10 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files) · ☆110 · Jan 26, 2021 · Updated 5 years ago
- Recon 2015 Presentation from Alex Ionescu · ☆250 · Jan 27, 2016 · Updated 10 years ago
- Anti-AV compilation · ☆44 · Oct 4, 2013 · Updated 12 years ago
- Automated library compilation and PDB annotation with CMake and IDA Pro · ☆22 · Sep 20, 2018 · Updated 7 years ago
- ☆28 · Dec 28, 2017 · Updated 8 years ago
- ☆15 · Jun 12, 2015 · Updated 10 years ago
- Work fast with the pattern-matching Swiss knife for malware researchers. · ☆38 · Mar 26, 2016 · Updated 9 years ago
- ☆32 · Jan 24, 2016 · Updated 10 years ago
- Emofishes is a collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the on… · ☆15 · Jan 28, 2023 · Updated 3 years ago
- EditBox is a plugin for the Volatility Framework. It extracts the text from Windows Edit controls, that is, textboxes as generated by Win… · ☆24 · Jun 4, 2017 · Updated 8 years ago
- ☆15 · Mar 28, 2015 · Updated 10 years ago
- Windows x64 process scanner to detect application compatibility shims · ☆37 · Oct 17, 2018 · Updated 7 years ago
- Shim database persistence (Fin7 TTP) · ☆37 · Feb 25, 2020 · Updated 6 years ago
- Implementation of a thin hypervisor · ☆43 · May 20, 2016 · Updated 9 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG) · ☆57 · Jun 21, 2016 · Updated 9 years ago
- Incident Response & Digital Forensics Debugging Extension · ☆393 · Dec 11, 2018 · Updated 7 years ago
- Transfer EIP control to shellcode during malware analysis investigation · ☆77 · Oct 29, 2014 · Updated 11 years ago
- Local Kernel Debugger (LKD) is a Python wrapper around dbgengine.dll · ☆92 · Aug 22, 2016 · Updated 9 years ago
- An application for obtaining, dumping and modifying tokens from user land. · ☆26 · Nov 21, 2015 · Updated 10 years ago
- C++ · ☆88 · Sep 11, 2016 · Updated 9 years ago
- A GC link parser for both linkfiles and jumplists. · ☆18 · Oct 28, 2016 · Updated 9 years ago
- WinDBG Anti-RootKit Extension · ☆646 · Jul 29, 2020 · Updated 5 years ago
- ☆46 · Aug 21, 2019 · Updated 6 years ago
- A WinDbg extension for extracting token-related contents · ☆41 · Dec 23, 2020 · Updated 5 years ago
- Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2. · ☆53 · Feb 15, 2017 · Updated 9 years ago
- Old exploits and code for my self-referencing PML4 technique (2014) · ☆32 · May 8, 2015 · Updated 10 years ago
- Generate MAEC XML from Ero Carrera's pefile output · ☆15 · Mar 6, 2017 · Updated 9 years ago
- nyā · ☆70 · Oct 16, 2015 · Updated 10 years ago
- Ruxcon2016 POC code · ☆141 · Nov 21, 2016 · Updated 9 years ago
- Portable utility to check if a machine has been infected by Shamoon2 · ☆15 · Jan 13, 2017 · Updated 9 years ago
- Crappy Win32k syscall fuzzer · ☆13 · May 2, 2015 · Updated 10 years ago
- Old mitigation-bounty code that was applicable to Edge before it used WebKit/Chrome · ☆87 · Dec 19, 2016 · Updated 9 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015 · ☆36 · May 4, 2016 · Updated 9 years ago
- Parse Microsoft shim databases · ☆32 · Jan 8, 2025 · Updated last year
- drvtriks: a kernel driver for Windows 7 SP1 and 8.1 x64 that tricks around in your system. · ☆34 · Oct 6, 2017 · Updated 8 years ago
- Smart DLL execution for malware analysis in sandbox systems · ☆144 · Feb 16, 2015 · Updated 11 years ago
- Maintain Windows persistence with an evil Netshell Helper DLL · ☆12 · Jul 28, 2018 · Updated 7 years ago
- Demos presented at Hackerfest 2015 · ☆14 · Nov 9, 2015 · Updated 10 years ago