ohjeongwook / ShellCodeEmulator
Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
☆120Updated 4 years ago
Alternatives and similar repositories for ShellCodeEmulator:
Users that are interested in ShellCodeEmulator are comparing it to the libraries listed below
- Parsers for custom malware formats ("Funky malware formats")☆95Updated 3 years ago
- Extract OLEv1 objects from RTF files by instrumenting Word☆51Updated 5 years ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- Simple library to spray the Windows Kernel Pool☆107Updated 5 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆89Updated 5 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆40Updated 5 years ago
- A simple API monitor for Windbg☆63Updated 7 years ago
- Windbg2ida lets you dump each step in Windbg then shows these steps in IDA☆76Updated 8 months ago
- Flare-On solutions☆36Updated 5 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- ☆113Updated 8 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆181Updated 4 years ago
- IDA python plugin to scan binary with Yara rules☆173Updated last year
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆84Updated 2 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆71Updated 7 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆93Updated 3 years ago
- Static unpacker for FinSpy VM☆100Updated 3 years ago
- Simple 32/64-bit PEs loader.☆137Updated 6 years ago
- Windows Drivers☆97Updated 5 years ago
- Go Lang Portable Executable Parser☆39Updated 3 years ago
- CAPE monitor DLLs☆39Updated 5 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆44Updated 6 years ago
- a program to detect reflective dll injection on a live machine☆75Updated 9 years ago
- kernel pool windbg extension☆80Updated 9 years ago
- Official VirusTotal plugin for IDA Pro☆157Updated last year
- ☆68Updated last year
- ☆108Updated 4 years ago
- Process Doppelgänging☆156Updated 7 years ago
- scripts/plugins for IDA Pro☆171Updated 2 months ago