Small tool to convert beteween the PE alignments (raw and virtual).
☆115Mar 28, 2026Updated last month
Alternatives and similar repositories for pe_unmapper
Users that are interested in pe_unmapper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆333Oct 13, 2024Updated last year
- My Linux profiles built for Volatility 2/3☆11Oct 11, 2025Updated 7 months ago
- Finding Truth in the Shadows☆129Jan 26, 2023Updated 3 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆126Jul 12, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Abusing exceptions for code execution.☆109Jan 30, 2023Updated 3 years ago
- Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures☆39Sep 22, 2024Updated last year
- A curated list of ressources for Volatility 2 & 3☆13Mar 17, 2024Updated 2 years ago
- PE (and elf now!) bin2bin obfuscator☆844Oct 11, 2025Updated 7 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- Recursive and arbitrary code execution at kernel-level without a system thread creation☆159Mar 16, 2026Updated 2 months ago
- Nim-IDA-FLIRT-Generator☆20Dec 5, 2023Updated 2 years ago
- PE-Dump-Fixer☆111Mar 17, 2020Updated 6 years ago
- Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …☆24Jun 16, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Standalone Metasploit-like XOR encoder for shellcode☆52May 12, 2024Updated 2 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆863Feb 2, 2024Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆135Jan 2, 2023Updated 3 years ago
- ntoskrnl .data hooks for UM-KM communication☆52May 26, 2024Updated 2 years ago
- A kernel mode Windows rootkit in development.☆48Dec 31, 2021Updated 4 years ago
- NASM listing to shellcode converter☆14May 6, 2018Updated 8 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- ☆32Apr 24, 2022Updated 4 years ago
- Windows API Hashes used in the malwares☆42Aug 7, 2015Updated 10 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Volatility 3 Plugins☆21Oct 3, 2022Updated 3 years ago
- ☆67Aug 31, 2021Updated 4 years ago
- ConfuserEx2 String Decryptor & Full Deobfuscation Guide☆102Aug 5, 2024Updated last year
- Dynamic unpacker based on PE-sieve☆814Apr 14, 2026Updated last month
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 4 years ago
- Minifilter Callback Patching Proof-of-Concept☆77Oct 31, 2022Updated 3 years ago
- a windows kernel keylogger that works☆20Feb 12, 2024Updated 2 years ago
- Fix VMProtect Import Protection☆376Aug 12, 2021Updated 4 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Feb 11, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 3 years ago
- base for testing☆189Sep 28, 2024Updated last year
- Native code virtualizer for x64 binaries☆531Dec 20, 2024Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 8 months ago
- ☆58Jan 15, 2024Updated 2 years ago
- A post-processing script for TinyTracer☆39Mar 22, 2023Updated 3 years ago
- A Pin Tool for tracing API calls etc☆1,657Feb 8, 2026Updated 3 months ago