lfontesm / PEB-WalkLinks
☆12Updated 3 years ago
Alternatives and similar repositories for PEB-Walk
Users that are interested in PEB-Walk are comparing it to the libraries listed below
Sorting:
- Set of antianalysis techniques found in malware☆132Updated last year
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆70Updated 3 years ago
- TrashDBG the world's worse debugger☆23Updated 3 years ago
- PoC for hiding PE exports☆66Updated 4 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆75Updated 3 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆59Updated 5 years ago
- Sample project for kernel debugging automation with Vagrant☆59Updated 5 years ago
- Go Lang Portable Executable Parser☆38Updated 4 years ago
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- ☆71Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆111Updated 4 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆71Updated 4 years ago
- An automatic tool for fixing dumped PE files☆41Updated 4 years ago
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆98Updated 4 years ago
- ☆161Updated 3 years ago
- APC Internals Research Code☆166Updated 4 years ago
- MalUnpack companion driver☆98Updated 11 months ago
- Automated Integration of anti-Reversing methods in PE executables☆51Updated 6 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆41Updated 5 years ago
- Write-ups for FireEye's FLARE-On challenges☆25Updated 5 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- This is a simple driver with x64 inline assembly☆55Updated 4 years ago
- Process Hollowing for 32 bit and 64 bit☆79Updated 7 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆106Updated 5 years ago
- ☆110Updated 4 years ago
- ☆19Updated last month
- ☆31Updated 3 years ago