p0dalirius / pdbdownload
A Python script to download PDB files associated with a Portable Executable (PE)
☆116Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for pdbdownload
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆85Updated 2 years ago
- ☆135Updated last year
- ☆65Updated last year
- Abusing exceptions for code execution.☆107Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆93Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆115Updated 3 months ago
- ☆132Updated 10 months ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆112Updated 6 months ago
- Minifilter Callback Patching Proof-of-Concept☆62Updated 2 years ago
- A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022☆105Updated 2 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆180Updated 3 weeks ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆148Updated 10 months ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆137Updated 2 years ago
- Report and exploit of CVE-2023-36427☆87Updated last year
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆221Updated 2 years ago
- Writeups for CTF challenges☆30Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆111Updated 4 months ago
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆84Updated last month
- ☆82Updated 5 months ago
- ☆95Updated 2 years ago
- Finding Truth in the Shadows☆84Updated last year
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆111Updated 2 weeks ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆239Updated 2 years ago
- A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.☆93Updated 2 years ago
- The Windbg extension that implements commands helpful to study Hyper-V on Intel processors.☆130Updated last month
- A journal for $6,000 Riot Vanguard bounty.☆57Updated last year
- A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.☆85Updated last year
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆149Updated 2 years ago
- LPE exploit for CVE-2023-36802☆22Updated last year
- ☆43Updated 2 years ago