nccgroup / Winstrument
Winstrument is a framework of modular scripts to aid in instrumenting Windows software using Frida for reverse engineering and attack surface analysis.
☆67Updated 4 years ago
Alternatives and similar repositories for Winstrument:
Users that are interested in Winstrument are comparing it to the libraries listed below
- A repository for my conference presentations☆35Updated 5 years ago
- Malware dynamic instrumentation tool based on frida framework☆104Updated 4 years ago
- A collection of Frida hooks for experimentation on Windows platforms.☆97Updated 5 years ago
- ☆134Updated 5 years ago
- All the materials in BlueHat 2019 Seattle will be realeased here.☆67Updated 5 years ago
- Tools for instrumenting Windows Defender's mpengine.dll☆36Updated 6 years ago
- Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service☆85Updated 5 years ago
- #INFILTRATE20 raptor's party pack.☆28Updated last year
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 4 years ago
- Research material and Proof-of-Concepts for Aleph Research Findings☆89Updated 3 years ago
- For code snippets and information☆41Updated 5 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆89Updated 5 years ago
- The slides from my Saintcon 2019 talk.☆48Updated 5 years ago
- Dockerfiles for (un)popular fuzzers!☆29Updated 4 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- ☆49Updated 5 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆93Updated 3 years ago
- Capture The Flag Binary fuzzer for Heap challanges☆41Updated 6 years ago
- Simple library to spray the Windows Kernel Pool☆107Updated 5 years ago
- My conference presentations and Materials for them.☆32Updated 2 years ago
- Writeup and POC for CVE-2020-0753, CVE-2020-0754 and six fixed Window DOS Vulnerabilities.☆14Updated 4 years ago
- A set of helpers and examples to fuzz Win32 binaries with AFL++ QEMU☆69Updated 4 years ago
- A script to detect stack-strings by using emulation (leveraging Unicorn)☆35Updated last year
- ☆46Updated 5 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- Write-ups for crackmes and CTF challenges☆51Updated 2 years ago
- An exploit for CVE-2019-17026. It pops xcalc and was tested on Ubuntu (x64).☆48Updated 4 years ago
- Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.☆51Updated 5 years ago
- POC viruses I have created to demo some ideas☆59Updated 4 years ago
- Import DynamoRIO drcov code coverage data into Ghidra☆43Updated last year