evil-e / sdb-explorer
Tool to view and create Microsoft shim database files (SDB).
☆110Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for sdb-explorer
- Ruxcon2016 POC Code☆137Updated 7 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆73Updated 10 years ago
- A command tree based on commands and extensions for Windows Kernel Debugging.☆105Updated 4 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 7 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆147Updated 5 years ago
- Smart DLL execution for malware analysis in sandbox systems☆141Updated 9 years ago
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- ☆112Updated 8 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆106Updated 3 years ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- Driver Initial Reconnaissance Tool☆119Updated 4 years ago
- Security Research and Development Framework☆105Updated 9 years ago
- Recon 2015 Presentation from Alex Ionescu☆232Updated 8 years ago
- Reflective Polymorphism☆104Updated 6 years ago
- A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…☆114Updated 7 years ago
- Windows Console Monitoring☆98Updated 7 years ago
- ☆213Updated 6 years ago
- kernel exploitation helper class☆75Updated 7 years ago
- a program to detect reflective dll injection on a live machine☆74Updated 8 years ago
- A C/C++ implementation of Microsoft's Antimalware Scan Interface☆170Updated 6 years ago