capemon: CAPE's monitor
☆146Mar 11, 2026Updated last week
Alternatives and similar repositories for capemon
Users that are interested in capemon are comparing it to the libraries listed below
Sorting:
- Community modules for CAPE Sandbox☆111Mar 11, 2026Updated last week
- Malware Configuration And Payload Extraction☆3,082Updated this week
- Inject unsigned DLL into Protected Process Light (PPL)☆41May 8, 2025Updated 10 months ago
- ☆16Mar 12, 2026Updated last week
- ☆18Mar 28, 2023Updated 2 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Sep 18, 2017Updated 8 years ago
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system☆1,278Mar 1, 2026Updated 2 weeks ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- DRAKVUF Black-box Binary Analysis☆1,211Mar 5, 2026Updated 2 weeks ago
- Modified edition of cuckoomon☆53Jun 4, 2018Updated 7 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆36Jun 25, 2019Updated 6 years ago
- Run Processes as PPL with ELAM☆177Mar 17, 2022Updated 4 years ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆28Sep 12, 2024Updated last year
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- A DTrace on Windows Reimplementation☆372Mar 12, 2026Updated last week
- R3劫持所有异常☆15Jan 4, 2021Updated 5 years ago
- CAPE Auto-Hardened Installer☆26Jan 28, 2026Updated last month
- Automatic YARA rule generation for Malpedia☆168Sep 8, 2022Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- ☆39Oct 29, 2020Updated 5 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.☆75Mar 7, 2021Updated 5 years ago
- Easily hook WIN32 x64 functions☆18Feb 19, 2025Updated last year
- A bunch of architectural headers for i386 and AMD64☆42Oct 7, 2023Updated 2 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆125Jul 12, 2024Updated last year
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆701Mar 12, 2026Updated last week
- Windows user mini-dump helper library to extract data from it.☆13May 17, 2025Updated 10 months ago
- 关于intel和amd指令行为不一样这件事☆62Apr 15, 2022Updated 3 years ago
- Decoder for VMProtect hwids☆18Aug 1, 2022Updated 3 years ago
- Detect removed thread from PspCidTable.☆75Mar 18, 2022Updated 4 years ago
- Maco - Malware config extractor framework☆45Mar 13, 2026Updated last week
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,340Mar 7, 2026Updated 2 weeks ago
- Simple Demo of using Windows Hypervisor Platform☆29Jul 14, 2025Updated 8 months ago
- Kernel Detective☆151Mar 7, 2026Updated 2 weeks ago
- A Pin Tool for tracing API calls etc☆1,634Feb 8, 2026Updated last month
- Sysmon-Like research tool for ETW☆387Nov 15, 2022Updated 3 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 3 months ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆89May 17, 2023Updated 2 years ago
- Debug Print viewer (user and kernel)☆72Feb 7, 2024Updated 2 years ago