maldevel / PEdumper

Related projects: ⓘ

• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• rwfpl / rewolf-pcausa-exploit
  PCAUSA Rawether for Windows Local Privilege Escalation
  ☆36Updated 7 years ago
• hasherezade / IAT_patcher_samples
  Sample libraries to be used with IAT Patcher
  ☆33Updated last year
• Cr4sh / SimpleUnpacker
  Simple tool for unpacking packed/protected malware executables.
  ☆32Updated 12 years ago
• AlephNull314 / AbsoluteZero
  Anti-AV compilation
  ☆42Updated 10 years ago
• tinysec / runwithdll
  windows create process with a dll load first time via LdrHook
  ☆30Updated 7 years ago
• stephenfewer / OllyCallTrace
  OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.
  ☆52Updated 12 years ago
• Cr4sh / DrvHide-PoC
  Hidden kernel mode code execution for bypassing modern anti-rootkits.
  ☆80Updated 13 years ago
• rwfpl / rewolf-ldrdebug
  Helper utility for debugging windows PE/PE+ loader.
  ☆49Updated 9 years ago
• BreakingMalwareResearch / CFGExceptions
  Adding exceptions to Microsoft's Control Flow Guard (CFG)
  ☆58Updated 8 years ago
• zodiacon / InterceptionDemo
  Sample showing the use of CoGetInterceptor
  ☆21Updated 3 years ago
• dzzie / HookExplorer
  ☆48Updated this week
• nettitude / DLLInjection
  DLL Injection Library & Tools
  ☆71Updated 8 years ago
• swwwolf / obderef
  Decrement Windows Kernel for fun and profit
  ☆38Updated 6 years ago
• nyx0 / DLL-Inj3cti0n
  Another dll injection tool.
  ☆28Updated 9 years ago
• Microwave89 / syscalltest
  PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls
  ☆39Updated 8 years ago
• BreakingMalwareResearch / Captain-Hook
  ☆50Updated 8 years ago
• deroko / activationcontexthook
  ☆33Updated 6 years ago
• Prevenity / malware_monitor
  Malware monitor template based on MinHook
  ☆16Updated 9 years ago
• georgenicolaou / HeavenInjector
  Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process
  ☆91Updated 5 years ago
• swatkat / arkitlib
  Windows anti-rootkit library
  ☆37Updated 9 years ago
• ximerus / Kryptonite
  A Win32 PE/Executable Crypter that employs on the fly encryption & decryption of memory
  ☆32Updated 10 years ago
• stephenfewer / OllyHeapTrace
  OllyHeapTrace is a plugin for OllyDbg to trace the heap operations being performed by a process.
  ☆53Updated 12 years ago
• Captainarash / Reverse-Engineer
  ☆37Updated this week
• zerosum0x0 / ShellcodeDriver
  ☆81Updated this week
• JKornev / hijacken
  Analyze and attack windows applications using dll hijacking vulnerabilities
  ☆54Updated 4 years ago
• NtRaiseHardError / UnRunPE
  PoC for detecting and dumping process hollowing code injection
  ☆50Updated 5 years ago
• NtRaiseHardError / Dreadnought
  PoC for detecting and dumping code injection (built and extended on UnRunPE)
  ☆54Updated 5 years ago
• int0 / ltmdm64_poc
  ☆28Updated 7 years ago