kkamagui / shadow-box-for-x86Links
Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
☆187Updated 6 years ago
Alternatives and similar repositories for shadow-box-for-x86
Users that are interested in shadow-box-for-x86 are comparing it to the libraries listed below
Sorting:
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆134Updated 6 years ago
- Cross Architecture Shellcode in C☆205Updated 9 years ago
- radare2 + miasm2 = ♥☆103Updated 5 years ago
- Implementation of the SMM rootkit "The Watcher"☆128Updated 3 years ago
- ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)☆136Updated 7 years ago
- ☆61Updated 2 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆137Updated 9 years ago
- PEDA-like debugger UI for WinDbg☆205Updated last year
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆164Updated 8 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆98Updated 8 years ago
- Runtime Prevention of Return-Oriented Programming Attacks☆82Updated 10 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Updated 9 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆306Updated 6 years ago
- gdbida - a visual bridge between a GDB session and IDA Pro's disassembler☆184Updated 7 years ago
- Devestating and awesome Linux X86_64 ELF Virus☆232Updated 2 years ago
- Decompiler for x86 and x86-64 ELF binaries☆220Updated 6 years ago
- LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger☆221Updated 4 years ago
- A novel technique to hide code from debuggers & disassemblers☆156Updated last year
- A Tool to Unpack Self-Modifying Code using DynamoRIO☆141Updated 8 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆264Updated 8 years ago
- Attacking the Core associated source files☆88Updated 7 years ago
- Hypervisor-based debugger☆189Updated 4 years ago
- SymGDB - symbolic execution plugin for gdb☆217Updated 7 years ago
- WinHeap Explorer repository.☆119Updated 7 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)☆73Updated 7 years ago
- Malware Behavior Analyzer☆159Updated 8 years ago
- A program to draw rectangles from heap traces.☆135Updated 5 years ago
- IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform☆116Updated 7 years ago
- Windows API tracer for malware (oldname: unitracer)☆119Updated 7 years ago
- A mutation based user mode (ring3) dumb in-memory Windows Kernel (IOCTL) Fuzzer/Logger. This script attach it self to any given process a…☆67Updated 11 years ago