m417z / x64dbg-xfg-marker
An x64dbg plugin which marks XFG call signatures as data
☆71Updated last year
Related projects: ⓘ
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆15Updated last year
- Example of building an application verifer DLL☆44Updated 3 months ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆33Updated 2 years ago
- A post-processing script for TinyTracer☆37Updated last year
- Different tools for Microsoft Hyper-V researching☆45Updated 3 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- ☆65Updated last year
- Listing UDP connections with remote address without sniffing.☆30Updated 11 months ago
- An x64dbg plugin which helps make sense of long C++ symbols☆58Updated last year
- A collection of tools, source code, and papers researching Windows' implementation of CET.☆72Updated 3 years ago
- Enabled / Disable LSA Protection via BYOVD☆61Updated 2 years ago
- Finding Truth in the Shadows☆81Updated last year
- Report and exploit of CVE-2023-36427☆86Updated 9 months ago
- Windows kernel PDB data parsed into YAML☆30Updated 8 months ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆113Updated 2 months ago
- ☆27Updated last year
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆46Updated 2 weeks ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆31Updated last year
- A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022☆103Updated last year
- A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.☆81Updated last year
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆57Updated 3 weeks ago
- Delphi-Kawaii is a plugin for Ida Pro.☆16Updated last year
- ☆23Updated 9 months ago
- Winbindex bot to pull in binaries for specific releases☆44Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆24Updated last year
- Report and exploit of CVE-2024-21305.☆29Updated 8 months ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆28Updated last year
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆86Updated 2 months ago
- Samples from my book Windows Native API programming☆53Updated last month
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆63Updated last year