lfontesm / PEB-Walk

Related projects ⓘ

Alternatives and complementary repositories for PEB-Walk

• t3ssellate / unmapper
  An automatic tool for fixing dumped PE files
  ☆41Updated 4 years ago
• OALabs / trashdbg
  TrashDBG the world's worse debugger
  ☆23Updated 2 years ago
• Jb05s / Exploit-Dev-C
  ☆22Updated 4 years ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆69Updated 3 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• uf0o / rootkit-arsenal-guacamole
  An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
  ☆66Updated 2 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆53Updated 4 years ago
• Coalfire-Research / ERC.Xdbg
  An Xdbg Plugin of the ERC Library.
  ☆26Updated 9 months ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆95Updated 5 years ago
• redplait / pexphide
  PoC for hiding PE exports
  ☆65Updated 3 years ago
• Maff1t / InjectNtdllPOC
  Process Injection without R/W target memory and without creating a remote thread
  ☆19Updated 2 years ago
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆31Updated 5 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• SouhailHammou / KernelSymbolsHelper
  Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…
  ☆53Updated 5 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆34Updated 4 years ago
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆44Updated 4 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• OmerYa / ROPInjector
  Rite Of Passage ROP Injector
  ☆34Updated 5 years ago
• Truneski / WindowsKernelProgramming-Exercises
  ☆49Updated 4 years ago
• forrest-orr / ExploitDev
  Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/
  ☆35Updated 3 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• hasherezade / SweetDreams
  Implementation of Advanced Module Stomping and Heap/Stack Encryption
  ☆9Updated last year
• riskydissonance / SyscallsExample
  Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
  ☆73Updated 3 years ago
• idan1288 / PHDetection
  Process Hollowing Detection on a live system
  ☆13Updated 7 years ago
• NtRaiseHardError / UnRunPE
  PoC for detecting and dumping process hollowing code injection
  ☆50Updated 6 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆41Updated last month
• hasherezade / tag_converter
  ☆21Updated 3 years ago
• WithSecureLabs / ModuleStomping
  https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/
  ☆113Updated 5 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 3 years ago