maldevel / PEdumper
Dump Windows PE file information in C
☆23Updated 9 years ago
Alternatives and similar repositories for PEdumper:
Users that are interested in PEdumper are comparing it to the libraries listed below
- PCAUSA Rawether for Windows Local Privilege Escalation☆38Updated 8 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 8 years ago
- Simple tool for unpacking packed/protected malware executables.☆32Updated 13 years ago
- Sample libraries to be used with IAT Patcher☆33Updated 2 years ago
- Anti-AV compilation☆42Updated 11 years ago
- ☆51Updated 8 years ago
- OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.☆53Updated 13 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 9 years ago
- Malware monitor template based on MinHook☆16Updated 10 years ago
- Scanning and identifying XOR encrypted PE files in PE resources☆27Updated 10 years ago
- Bootkits Revisited☆41Updated 10 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- OpenHIPS prevents exploitation of Windows systems☆35Updated 12 years ago
- CAPE monitor DLLs☆39Updated 5 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆34Updated 8 years ago
- ☆33Updated 7 years ago
- Anti-technique Codes, Detection of Anti-technique codes☆38Updated 11 years ago
- Sample showing the use of CoGetInterceptor☆21Updated 4 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago
- DLL Injection Library & Tools☆72Updated 8 years ago
- A session-0 capable dll injection utility☆76Updated 7 years ago
- Hidden kernel mode code execution for bypassing modern anti-rootkits.☆83Updated 14 years ago
- public bugs/proof of concepts☆48Updated 4 years ago
- ☆45Updated 6 years ago
- ☆43Updated 7 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆94Updated 6 years ago
- Examples for detection of hidden processes on windows☆33Updated 10 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆73Updated 5 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago