hasherezade / drawings

Related projects: ⓘ

• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆57Updated 3 weeks ago
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆34Updated last year
• ytk2128 / pe32-password
  Sample project that encrypts windows 32-bit executables with password
  ☆52Updated 2 years ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆112Updated 3 years ago
• zodiacon / syllabi
  ☆60Updated 7 months ago
• SecIdiot / bootkit
  ☆83Updated this week
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆32Updated 5 months ago
• zodiacon / DllIconHandler
  Shows different icons for 64 and 32-bit DLLs. Register with RegSvr32 to install
  ☆32Updated 2 years ago
• codereversing / ted_api
  ☆35Updated last year
• hotnops / RemoteDebugView
  A DLL that serves OutputDebugString content over a TCP connection
  ☆33Updated 2 years ago
• zodiacon / NativeApps
  Demos and presentation from SECArmy Village Grayhat 2020
  ☆36Updated last year
• ufrisk / MemProcFS-plugins
  ☆53Updated 3 years ago
• arizvisa / ndk
  A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
  ☆53Updated 4 years ago
• hasherezade / paramkit
  A small library helping to parse commandline parameters (for C/C++)
  ☆53Updated last year
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆57Updated 3 years ago
• cdong1012 / MemeCryptor
  ☆15Updated this week
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated 11 months ago
• ikermit / 11Syscalls
  Windows 11 Syscall table. Ready to use in direct syscall. Actively maintained.
  ☆19Updated 2 years ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆49Updated 7 years ago
• nccgroup / pythia
  A tool to extract RTTI information from Delphi executables, written in pure Python
  ☆22Updated 4 years ago
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆75Updated last year
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆44Updated 6 years ago
• 0xMegaByte / COM-Explained
  ☆27Updated last year
• xenocidewiki / UndocumentedNTAPI
  I was challenged by a friend to list all the processes and drivers in a system using more "unusual" methods. By doing this I learned quit…
  ☆16Updated 8 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆66Updated last year
• forrest-orr / ExploitDev
  Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/
  ☆35Updated 3 years ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆91Updated 4 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆129Updated 4 years ago
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆26Updated 2 years ago