ex0dus-0x / ward
Simple ELF runtime packer for creating self-protecting binaries
☆17Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ward
- An ELF / PE binary packer written in pure C, made for fun☆80Updated 7 months ago
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆29Updated 6 months ago
- Abusing exceptions for code execution.☆106Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects☆80Updated 2 years ago
- A Linux x86/x86-64 tool to trace registers and memory regions.☆34Updated 2 years ago
- Playing with LLVM passes☆35Updated last year
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆71Updated 4 years ago
- An Integrity-Check Monitoring Pintool☆56Updated 4 years ago
- rekk is set of tools written in Rust to obfuscate ELF & PE executables with nanomites.☆27Updated last year
- Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes☆42Updated 9 months ago
- A collection of Binary Ninja plugins☆23Updated 2 years ago
- Binary Ninja plugin for automating VMProtect analysis☆56Updated last year
- ☆35Updated 2 years ago
- Collection of simple anti-debugging tricks for Linux☆55Updated 6 years ago
- Library and tools to access the Windows Minidump (MDMP) format☆38Updated 3 months ago
- A cross-platform Python toolkit for parsing/writing PE files.☆63Updated 4 months ago
- Sample project that encrypts windows 32-bit executables with password☆52Updated 2 years ago
- A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).☆27Updated 2 years ago
- A set of small utilities, helpers for PIN tracers☆31Updated last year
- Rizin FLIRT Signature Database☆36Updated last year
- Report and exploit of CVE-2023-36427☆87Updated 11 months ago
- Inlay hints for hex-rays☆24Updated last month
- A post-processing script for TinyTracer☆37Updated last year
- PEIM (UEFI) bootkit targeting OVMF (EDK2)☆33Updated 11 months ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆73Updated 3 months ago
- ☆28Updated 4 years ago
- LLVM pass that obfuscates against symbolic execution☆73Updated 6 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆32Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆48Updated last year