ntddk / blue

Related projects ⓘ

Alternatives and complementary repositories for blue

• own2pwn / r0ak
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆26Updated 6 years ago
• mgeeky / prc_xchk
  User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
  ☆18Updated 8 years ago
• Cr4sh / SimpleUnpacker
  Simple tool for unpacking packed/protected malware executables.
  ☆32Updated 13 years ago
• zodiacon / AccessMask
  ☆18Updated 5 years ago
• revsic / CodeInjection
  Code Injection technique written in cpp language
  ☆31Updated 6 years ago
• AlicanAkyol / eagle
  Bypass Antivm and Cuckoo Sandbox Techniques
  ☆12Updated 8 years ago
• rwfpl / rewolf-pcausa-exploit
  PCAUSA Rawether for Windows Local Privilege Escalation
  ☆36Updated 7 years ago
• killswitch-GUI / IsDebuggerPresent
  Debugger checks in 3 ways
  ☆20Updated 6 years ago
• KbaHaxor / Ammyy-v3
  Ammyy v3 Source Code leak , with ❤️ <3
  ☆36Updated 7 years ago
• ximerus / Kryptonite
  A Win32 PE/Executable Crypter that employs on the fly encryption & decryption of memory
  ☆33Updated 10 years ago
• wes4m / unHooker
  Kernel (Ring0) - SSDT unhook driver
  ☆13Updated 6 years ago
• sysopfb / Unpackers
  My collection of unpackers for malware packers/crypters
  ☆28Updated 7 years ago
• hasherezade / tag_converter
  ☆21Updated 3 years ago
• apriorit / antirootkit-anti-splicer
  The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
  ☆34Updated 7 years ago
• r41p41 / BotKiller
  find and kill injectedThreads from memory
  ☆10Updated 8 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 6 years ago
• TalBlum / Anti-Disassembly
  A collection of anti disassembly techniques
  ☆18Updated 7 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆36Updated 6 years ago
• danielkrupinski / Bleak
  A Windows native DLL injection library written in C# that supports several methods of injection.
  ☆13Updated 5 years ago
• edix / MalwareResourceScanner
  Scanning and identifying XOR encrypted PE files in PE resources
  ☆27Updated 10 years ago
• ajkhoury / Dude-Loader
  Class implementation of PowerLoader injection technique
  ☆29Updated 7 years ago
• pstolarz / asprext
  ASProtect reverse engineering & analysis WinDbg extension
  ☆20Updated 4 years ago
• yaseralnajjar / deobfuscation-helper
  A simple tool to help reverse engineers while dealing with obfuscated code.
  ☆20Updated 8 years ago
• pfussell / pivotal
  A MITM proxy server for reflective DLL injection through WinINet
  ☆15Updated 6 years ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 10 years ago
• SanseoLab / simpleAVdriver
  Simple AntiVirus Driver example
  ☆37Updated 6 years ago
• apriorit / ReflectiveDLLInjection
  Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…
  ☆15Updated 7 years ago
• mrexodia / BreakpointUnresolved
  Plugin for x64dbg to break on unresolved APIs.
  ☆12Updated 7 years ago
• mrfearless / Today-Plugin-x64
  Today Plugin (x64) - A Plugin For x64dbg
  ☆13Updated 6 years ago