ntddk / blue

Related projects ⓘ

Alternatives and complementary repositories for blue

• rwfpl / rewolf-pcausa-exploit
  PCAUSA Rawether for Windows Local Privilege Escalation
  ☆36Updated 7 years ago
• AlicanAkyol / eagle
  Bypass Antivm and Cuckoo Sandbox Techniques
  ☆12Updated 8 years ago
• r41p41 / BotKiller
  find and kill injectedThreads from memory
  ☆10Updated 8 years ago
• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆26Updated 6 years ago
• KbaHaxor / Ammyy-v3
  Ammyy v3 Source Code leak , with ❤️ <3
  ☆36Updated 7 years ago
• revsic / CodeInjection
  Code Injection technique written in cpp language
  ☆31Updated 6 years ago
• NtRaiseHardError / Dreadnought
  PoC for detecting and dumping code injection (built and extended on UnRunPE)
  ☆54Updated 6 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 7 years ago
• LordNoteworthy / awesome-virtualization
  ☆17Updated 5 years ago
• killswitch-GUI / IsDebuggerPresent
  Debugger checks in 3 ways
  ☆20Updated 6 years ago
• NtRaiseHardError / UnRunPE
  PoC for detecting and dumping process hollowing code injection
  ☆50Updated 6 years ago
• Prevenity / malware_monitor
  Malware monitor template based on MinHook
  ☆16Updated 9 years ago
• sysopfb / Unpackers
  My collection of unpackers for malware packers/crypters
  ☆28Updated 7 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆36Updated 6 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆18Updated 8 years ago
• owerosu / packerPE32
  Simple PE packer with RtlCompressBuffer
  ☆21Updated 9 years ago
• Necrosys / zerowine-tryout
  Zero Wine Tryouts: An open source malware analysis tool
  ☆16Updated 8 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• eugeneching / msdn-grab
  Allows a user to grab documentation from online MSDN for a given function name in IDA, and import the documentation as a repeatable comme…
  ☆15Updated 12 years ago
• ctxis / capemon
  CAPE monitor DLLs
  ☆38Updated 4 years ago
• PELock / starter
  A small utility to run raw code chunks in the executable memory area.
  ☆14Updated 9 years ago
• bhassani / Alina
  Alina POS Source Code + Rootkit
  ☆23Updated 9 years ago
• Darkabode / amte
  Analysis and Modification Tool for Executables
  ☆16Updated 5 years ago
• pstolarz / asprext
  ASProtect reverse engineering & analysis WinDbg extension
  ☆20Updated 3 years ago
• marcusbotacin / Anti.Analysis
  Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis
  ☆43Updated 7 years ago
• edix / MalwareResourceScanner
  Scanning and identifying XOR encrypted PE files in PE resources
  ☆27Updated 10 years ago
• stolenbytes / apcforthewin
  ☆16Updated 7 years ago
• NtRaiseHardError / NoREpls
  NoREpls - Application designed for the purposes of reverse engineering.
  ☆10Updated 6 years ago
• yaseralnajjar / deobfuscation-helper
  A simple tool to help reverse engineers while dealing with obfuscated code.
  ☆20Updated 8 years ago
• atlantis2013 / Evasion-Tools
  Anti-technique Codes, Detection of Anti-technique codes
  ☆37Updated 11 years ago