ionescu007 / hazmat5Links
Local OXID Resolver (LCLOR) : Research and Tooling
☆35Updated 4 years ago
Alternatives and similar repositories for hazmat5
Users that are interested in hazmat5 are comparing it to the libraries listed below
Sorting:
- Command like tool to print mitigation flags for running processes in a memory dump☆46Updated 4 years ago
- Helper idapython code for reversing kmdf drivers☆72Updated 2 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆98Updated 4 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- ☆45Updated 4 years ago
- Windows kernel PDB data parsed into YAML☆36Updated 6 months ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated last year
- ☆24Updated last year
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 2 years ago
- ☆21Updated 5 years ago
- ☆31Updated 4 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- ☆18Updated 4 years ago
- A collection of shellcode hashes☆17Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- ☆36Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆72Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆41Updated 5 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- ☆40Updated 3 years ago
- C# implementation to produce ROR-13 numeric hash for given function API name☆32Updated 6 years ago
- ☆25Updated 2 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 5 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆111Updated 4 years ago
- ☆70Updated 3 months ago
- Rite Of Passage ROP Injector☆34Updated 5 years ago