WinDbg x64 extension that disassembles live functions and uses an LLM to produce verified pseudocode.
☆111Jun 22, 2026Updated 3 weeks ago
Alternatives and similar repositories for windbg-decompile-ext
Users that are interested in windbg-decompile-ext are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Windows kernel research tool. Looks like a debugger, but it is not a debugger. It uses a kernel driver to provide a WinDbg-like live kern…☆69Jul 7, 2026Updated last week
- An IDA Pro / Hex-Rays plugin that turns noisy pseudocode into reviewable, kernel-aware cleanup artifacts☆157Jul 7, 2026Updated last week
- User-mode ETW interception and telemetry manipulation lab for Windows security research.☆42Jun 15, 2026Updated 3 weeks ago
- Havoc BOF implementation of BYOVD attack to terminate PPL-protected EDR processes using a signed Microsoft kernel driver.☆39Apr 6, 2026Updated 3 months ago
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Full exploit code for CVE-2026-40369 - A Windows kernel arbitrary write vulnerability that allows browser sandbox escape from all browser…☆254May 18, 2026Updated last month
- A bin2bin code virtualizer for x86-64 PE's☆159Jun 6, 2026Updated last month
- Noradrenaline is a collection of high-performance post-exploitation shared libraries designed for native execution on macOS and Linux end…☆29Jul 6, 2026Updated last week
- An MCP to expose process monitoring and ETW tracing functionally to AI agents to assist in security work☆73May 6, 2026Updated 2 months ago
- Modern Win32 API monitor for Windows security, reverse engineering, debugging, and anti-cheat research.☆43Jun 28, 2026Updated 2 weeks ago
- LLVM based devirtualizer for the binaryshield software protector.☆81May 7, 2026Updated 2 months ago
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- Toolkits for KPH (KSystemInformer) Dynamic Data .☆32Jul 2, 2026Updated last week
- Kernforge is a project intelligence and fuzzing workbench for Windows security, anti-cheat engineering, and evidence-backed verification.☆24Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Injecting code by recompiling shellcode into a ROP chain.☆146Apr 21, 2026Updated 2 months ago
- Generate a PDB file given the old PDB file and an address mapping☆55Aug 3, 2025Updated 11 months ago
- An MCP (Model Context Protocol) server that turns all pybag Windows debugger functions into native MCP tools. It lets MCP-compatible clie…☆85May 3, 2026Updated 2 months ago
- Static devirtualizer for VMProtect 3.0-3.5. Lifts virtualized code to LLVM using Remill and strips the VM layer through optimization.☆290Jun 2, 2026Updated last month
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Clean Indirect Syscalls with Hook Evasion & Return Address Spoofing.☆97Apr 30, 2026Updated 2 months ago
- Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows.☆46Jun 18, 2026Updated 3 weeks ago
- Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.☆204Jun 13, 2026Updated last month
- A local tool for ingesting Windows Patch Tuesday CVEs, diffing patched binaries with Ghidriff and surfacing LLM-generated security analys…☆55May 19, 2026Updated last month
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A Ghidra agentic reverse engineering skill.☆257Jul 7, 2026Updated last week
- Brovan is a user-mode x86_64 binary emulator for your malware analysis & reverse engineering.☆150Updated this week
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only)☆104Jun 1, 2026Updated last month
- A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++☆259Jun 18, 2026Updated 3 weeks ago
- Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advance…☆113Jun 30, 2026Updated 2 weeks ago
- An IDA Pro plugin that lifts functions and their dependencies out of IDA Pro into self-contained artifacts.☆44Updated this week
- Remove WPP calls from hexrays decompiled code☆59Jan 31, 2026Updated 5 months ago
- ☆18Dec 18, 2020Updated 5 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Toolkit for Windows internals, vulnerability analysis, and reproducible security research workflows.☆66Jun 23, 2026Updated 3 weeks ago
- Automatic vtable detection, inheritance analysis, and function override tracking for reverse engineering compiled C++ binaries. Supports …☆141Mar 13, 2026Updated 4 months ago
- Cortex C2 is a Open source Linux C2 inspired by the void link C2 framework☆43May 29, 2026Updated last month
- Autonomous Windows POC developer from patchwatch diff reports☆66May 13, 2026Updated 2 months ago
- EDRUnChoker - fileless WMI defense that removes EDRChoker QoS throttling policies☆43Jun 8, 2026Updated last month
- Vibe Reverse Engineer with IDA SQL: An interface for IDA in SQL via live virtual tables☆309Jun 23, 2026Updated 3 weeks ago
- ☆28Jun 21, 2026Updated 3 weeks ago