herrcore / CmdDesktopSwitchLinks
CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to identify and watch malware that has created a hidden desktop.
☆35Updated 9 years ago
Alternatives and similar repositories for CmdDesktopSwitch
Users that are interested in CmdDesktopSwitch are comparing it to the libraries listed below
Sorting:
- ☆22Updated 4 years ago
- Sample libraries to be used with IAT Patcher☆34Updated 2 years ago
- CAPE monitor DLLs☆41Updated 5 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆38Updated 9 years ago
- ☆16Updated 7 years ago
- Use this library to automatically extract PE files compressed with aplib from a binary blob.☆34Updated 6 years ago
- Anti-AV compilation☆43Updated 11 years ago
- IDAPython scripts☆15Updated 7 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago
- Decodes PlugX traffic and encrypted/compressed artifacts☆38Updated 12 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- DLL Injection Library & Tools☆72Updated 8 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- analysis of visual basic code☆42Updated 7 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- Hansel - a simple but flexible search for IDA☆26Updated 5 years ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated last year
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- My collection of unpackers for malware packers/crypters☆28Updated 7 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆38Updated 11 years ago
- ☆45Updated 7 years ago
- Discover TimeDateStamps In PE File☆17Updated 9 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- Analysis PE file or Shellcode☆49Updated 8 years ago
- Modified edition of cuckoomon☆49Updated 7 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- ☆16Updated 2 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated last month