h311d1n3r / HellTracer
A Linux x86/x86-64 tool to trace registers and memory regions.
☆34Updated 2 years ago
Related projects: ⓘ
- ☆14Updated 2 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆18Updated last year
- Slides from various conference talks☆36Updated last year
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆15Updated last year
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆69Updated last year
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆22Updated last year
- ☆24Updated 2 years ago
- genpatch is IDA plugin that generates a python script for patching binary☆30Updated 8 months ago
- Inlay hints for hex-rays☆18Updated this week
- ☆25Updated 10 months ago
- ☆30Updated last year
- A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes☆43Updated last year
- Here are some of my malware reversing papers that I will be publishing☆30Updated 2 years ago
- Symbolic execution for RISC-V machine code based on the formal LibRISCV ISA model☆32Updated 2 months ago
- ☆25Updated 9 months ago
- A IDA plugin to enable linking to locations in an IDB with a disas:// URI☆32Updated 11 months ago
- Currently proof-of-concept☆16Updated 2 years ago
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.☆33Updated last month
- Binary Ninja plugin to perform automated analysis of Windows drivers☆16Updated 5 years ago
- javascript extension of windbg for hacker.☆14Updated last year
- PoC plugin for jadx-gui to evaluate methods and update decompiler output☆16Updated 2 weeks ago
- Browser exploitation v8 and sandbox escape challenges with solutions.☆26Updated 2 years ago
- x86 and x64 assembly "read-eval-print loop" for Windows☆25Updated 7 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆31Updated last year
- poc code for CVE-2024-38080☆23Updated 2 weeks ago
- A post-processing script for TinyTracer☆37Updated last year
- Triton based symbolic emulator☆16Updated last year
- Python bindings for BochsCPU☆33Updated last month