kkamagui / shadow-box-for-x86Links
Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
☆187Updated 6 years ago
Alternatives and similar repositories for shadow-box-for-x86
Users that are interested in shadow-box-for-x86 are comparing it to the libraries listed below
Sorting:
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆134Updated 6 years ago
- Cross Architecture Shellcode in C☆205Updated 9 years ago
- Implementation of the SMM rootkit "The Watcher"☆128Updated 3 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Updated 9 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆307Updated 6 years ago
- PEDA-like debugger UI for WinDbg☆207Updated last year
- ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)☆136Updated 7 years ago
- LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger☆221Updated 4 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆168Updated 8 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆137Updated 9 years ago
- Runtime Prevention of Return-Oriented Programming Attacks☆82Updated 10 years ago
- ☆61Updated 2 years ago
- radare2 + miasm2 = ♥☆102Updated 5 years ago
- Devestating and awesome Linux X86_64 ELF Virus☆232Updated 3 years ago
- Dynamic analysis of binary programs to retrieve function-related information (arity, type of parameters, coupling).☆67Updated 8 years ago
- Notes on various topics I'm interested in☆160Updated 10 years ago
- Implementation of G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries☆95Updated 7 years ago
- A novel technique to hide code from debuggers & disassemblers☆156Updated last year
- gdbida - a visual bridge between a GDB session and IDA Pro's disassembler☆184Updated 7 years ago
- A hypervisor for fuzzing built with WHVP and Bochs☆378Updated 6 years ago
- ☆172Updated 3 years ago
- a bare metal (type 1) VMM (hypervisor) with a python remote control API☆184Updated 7 years ago
- Decompiler for x86 and x86-64 ELF binaries☆221Updated 6 years ago
- A mutation based user mode (ring3) dumb in-memory Windows Kernel (IOCTL) Fuzzer/Logger. This script attach it self to any given process a…☆67Updated 11 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆341Updated 6 years ago
- A Tool to Unpack Self-Modifying Code using DynamoRIO☆141Updated 8 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆98Updated 8 years ago
- A DBI tool to discover heap memory related bugs☆125Updated 7 years ago
- SymGDB - symbolic execution plugin for gdb☆217Updated 7 years ago
- PoC for breaking hypervisor ASLR using branch target buffer collisions☆166Updated 8 years ago