horsicq / DIE-engine

Related projects: ⓘ

• horsicq / Detect-It-Easy
  Program for determining types of files for Windows, Linux and MacOS.
  ☆7,292Updated this week
• x64dbg / ScyllaHide
  Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
  ☆3,397Updated 3 months ago
• ExeinfoASL / ASL
  Free Windows Detector Software
  ☆708Updated last month
• onethawt / idaplugins-list
  A list of IDA Plugins
  ☆3,499Updated 3 months ago
• AxtMueller / Windows-Kernel-Explorer
  A free but powerful Windows kernel research tool.
  ☆2,380Updated 3 months ago
• petoolse / petools
  PE Tools - Portable executable (PE) manipulation toolkit
  ☆1,014Updated 6 years ago
• horsicq / x64dbg-Plugin-Manager
  Plugin manager for x64dbg
  ☆789Updated this week
• TsudaKageyu / minhook
  The Minimalistic x86/x64 API Hooking Library for Windows
  ☆4,286Updated last month
• bootleg / ret-sync
  ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja…
  ☆1,982Updated 6 months ago
• mrexodia / TitanHide
  Hiding kernel-driver for x86/x64.
  ☆2,077Updated 8 months ago
• LordNoteworthy / al-khaser
  Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
  ☆5,784Updated 6 months ago
• ThunderCls / xAnalyzer
  xAnalyzer plugin for x64dbg
  ☆1,006Updated 2 years ago
• de4dot / de4dot
  .NET deobfuscator and unpacker.
  ☆6,900Updated 4 years ago
• DarthTon / Blackbone
  Windows memory hacking library
  ☆4,780Updated 7 months ago
• uxmal / reko
  Reko is a binary decompiler.
  ☆2,130Updated last week
• dnSpyEx / dnSpy
  Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
  ☆6,641Updated last week
• can1357 / NoVmp
  A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
  ☆1,918Updated 3 years ago
• ReClassNET / ReClass.NET
  More than a ReClass port to the .NET platform.
  ☆1,804Updated 4 months ago
• NtQuery / Scylla
  Imports Reconstructor
  ☆1,090Updated last year
• glmcdona / Process-Dump
  Windows tool for dumping malware PE files from memory back to disk for analysis.
  ☆1,624Updated 2 weeks ago
• microsoft / Detours
  Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
  ☆5,141Updated last month
• horsicq / XPEViewer
  PE file viewer/editor for Windows, Linux and MacOS.
  ☆963Updated this week
• SychicBoy / NETReactorSlayer
  An open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor
  ☆930Updated 2 months ago
• icedland / iced
  Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for Rust, .NET, Java, Python, Lua
  ☆2,882Updated this week
• crypto2011 / IDR
  Interactive Delphi Reconstructor
  ☆944Updated last year
• hzqst / VmwareHardenedLoader
  Vmware Hardened VM detection mitigation loader (anti anti-vm)
  ☆1,728Updated last year
• fr0gger / awesome-ida-x64-olly-plugin
  A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
  ☆1,242Updated 3 months ago
• EasyHook / EasyHook
  EasyHook - The reinvention of Windows API Hooking
  ☆3,005Updated 7 months ago
• fancycode / MemoryModule
  Library to load a DLL from memory.
  ☆2,782Updated 8 months ago
• a0rtega / pafish
  Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that…
  ☆3,326Updated 2 months ago