hugsy / recon_2024_windbg_workshopLinks
☆73Updated 11 months ago
Alternatives and similar repositories for recon_2024_windbg_workshop
Users that are interested in recon_2024_windbg_workshop are comparing it to the libraries listed below
Sorting:
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆115Updated 10 months ago
- Writeups for CTF challenges☆31Updated last year
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆117Updated last month
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆117Updated 2 weeks ago
- Static Binary Instrumentation tool for Windows x64 executables☆203Updated last month
- ☆145Updated last year
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆93Updated 7 months ago
- ☆52Updated 7 months ago
- ☆69Updated 2 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆77Updated this week
- Aplos an extremely simple fuzzer for Windows binaries.☆69Updated 3 months ago
- Recon 2023 slides and code☆79Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆66Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆72Updated last year
- Windows KASLR bypass using prefetch side-channel☆100Updated last year
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆151Updated last year
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆115Updated last year
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆127Updated last year
- Report and exploit of CVE-2023-36427☆90Updated last year
- LPE exploit for CVE-2023-36802☆22Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆105Updated 2 years ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆114Updated 2 years ago
- ☆114Updated last month
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆227Updated 2 years ago
- ☆46Updated 2 months ago
- ☆90Updated last year
- How to set up 2 VirtualBox VM to debug kernel driver using windbg☆54Updated 2 years ago
- This IDA plugin extends the functionality of the assembly and hex view. With this plugin, you can conveniently decode/decrypt/alter data …☆81Updated this week