mgeeky / PEInfo
Another Portable Executable files analysing stuff
☆18 Updated 13 years ago
Related projects
Alternatives and complementary repositories for PEInfo
- really ? ☆12 Updated 8 months ago
- Small tool to play with IOCs caused by Imageload events ☆37 Updated last year
- Windows GPU rootkit PoC by Team Jellyfish ☆35 Updated 9 years ago
- An example of COM hijacking using a proxy DLL. ☆24 Updated 3 years ago
- ☆31 Updated 4 years ago
- Just another casual shellcode native loader ☆24 Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich ☆13 Updated 4 months ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S… ☆12 Updated last year
- A tool for leveraging elevated access over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into… ☆15 Updated 3 years ago
- Released alongside a talk at REcon 2023, TheRestarter is an interactive command-line tool designed to interact with the Windows … ☆15 Updated last year
- ☆25 Updated 3 weeks ago
- Manually perform syscalls without going through any external API or DLL. ☆16 Updated last year
- ☆24 Updated 3 years ago
- A simple PE loader. ☆25 Updated last year
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆15 Updated 6 years ago
- Dangling COM Keys Finder ☆14 Updated 2 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆37 Updated 3 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners ☆30 Updated 4 years ago
- C# project to Reflectively load .Net assemblies in memory ☆17 Updated 4 months ago
- Simple and sane cryptographic wrapper library. ☆26 Updated last year
- API hashing written in C to load APIs indirectly using CRC32 hashing ☆13 Updated 4 years ago
- A Practical example of ELAM (Early Launch Anti-Malware) ☆30 Updated 2 years ago
- Listing UDP connections with remote address without sniffing. ☆30 Updated last year
- A small commented POC for removing API hooks placed by AV/EDR. ☆33 Updated 4 years ago