kkent030315 / detect-anyrunLinks
ANY.RUN sandbox detection collection
☆21Updated 11 months ago
Alternatives and similar repositories for detect-anyrun
Users that are interested in detect-anyrun are comparing it to the libraries listed below
Sorting:
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆35Updated this week
- windows rootkit☆61Updated last year
- WinApi Patcher is a straightforward tool leveraging windows API hooking to patch and modify certain behaviors in a targeted environment.☆44Updated 10 months ago
- A journal for $6,000 Riot Vanguard bounty.☆65Updated last year
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated 2 years ago
- Exploit for eneio64.sys - Turning Physical Memory R/W into Virtual Memory R/W☆44Updated last month
- An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆70Updated 4 months ago
- monitors hidden syscalls called from call of duty anticheat☆82Updated 6 months ago
- This repo contains EXPs about Vulnerable Windows Driver☆46Updated last year
- ☆26Updated 8 months ago
- Report and exploit of CVE-2024-21305.☆36Updated last year
- dynamic binary instrumentation, analysis, and patching framework☆73Updated 2 weeks ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated this week
- Proof-of-concept game using VBS enclaves to protect itself from cheating☆43Updated 8 months ago
- ☆22Updated 5 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆56Updated 9 months ago
- Header-only C++ library for producing PE files.☆34Updated 2 years ago
- A VMWare logger using built-in backdoor.☆30Updated 9 months ago
- A fast Windows emulator + debugger for reverse engineering. Runs any executable in debug mode, disassembles with Zydis, emulates instruct…☆70Updated this week
- Remove WPP calls from hexrays decompiled code☆50Updated 4 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆124Updated last year
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆23Updated 2 months ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆50Updated 2 years ago
- Load dll with undocumented functions and debug symbols☆47Updated last year
- Hook all callbacks which are registered with LdrRegisterDllNotification☆88Updated 4 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆126Updated last month
- LLVM based obfuscation engine☆95Updated last month
- Lightweight Threat Detection System - (Base)☆15Updated last year
- kASLR bypass technique on Intel CPUs.☆23Updated 2 months ago
- Small driver that uses alternative syscalls feature (the project is still under development).☆17Updated last year