Small tool to convert beteween the PE alignments (raw and virtual).
☆112Mar 28, 2026Updated last month
Alternatives and similar repositories for pe_unmapper
Users that are interested in pe_unmapper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆330Oct 13, 2024Updated last year
- My Linux profiles built for Volatility 2/3☆11Oct 11, 2025Updated 6 months ago
- Finding Truth in the Shadows☆127Jan 26, 2023Updated 3 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆125Jul 12, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Abusing exceptions for code execution.☆111Jan 30, 2023Updated 3 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆39Sep 22, 2024Updated last year
- A curated list of ressources for Volatility 2 & 3☆13Mar 17, 2024Updated 2 years ago
- PE (and elf now!) bin2bin obfuscator☆838Oct 11, 2025Updated 6 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆160Mar 16, 2026Updated last month
- Nim-IDA-FLIRT-Generator☆20Dec 5, 2023Updated 2 years ago
- PE-Dump-Fixer☆111Mar 17, 2020Updated 6 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆24Jun 16, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Standalone Metasploit-like XOR encoder for shellcode☆52May 12, 2024Updated last year
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆860Feb 2, 2024Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆135Jan 2, 2023Updated 3 years ago
- ntoskrnl .data hooks for UM-KM communication☆52May 26, 2024Updated last year
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- NASM listing to shellcode converter☆14May 6, 2018Updated 8 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- ☆31Apr 24, 2022Updated 4 years ago
- Windows API Hashes used in the malwares☆42Aug 7, 2015Updated 10 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Volatility 3 Plugins☆21Oct 3, 2022Updated 3 years ago
- ☆68Aug 31, 2021Updated 4 years ago
- ConfuserEx2 String Decryptor & Full Deobfuscation Guide☆103Aug 5, 2024Updated last year
- Dynamic unpacker based on PE-sieve☆810Apr 14, 2026Updated 3 weeks ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 4 years ago
- Minifilter Callback Patching Proof-of-Concept☆75Oct 31, 2022Updated 3 years ago
- a windows kernel keylogger that works☆20Feb 12, 2024Updated 2 years ago
- Fix VMProtect Import Protection☆374Aug 12, 2021Updated 4 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Feb 11, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- base for testing☆189Sep 28, 2024Updated last year
- Native code virtualizer for x64 binaries☆528Dec 20, 2024Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 8 months ago
- ☆57Jan 15, 2024Updated 2 years ago
- A post-processing script for TinyTracer☆39Mar 22, 2023Updated 3 years ago
- A Pin Tool for tracing API calls etc☆1,651Feb 8, 2026Updated 2 months ago