patrickmatula / Windows-Internals-Learning-ResourcesLinks
☆103Updated 9 months ago
Alternatives and similar repositories for Windows-Internals-Learning-Resources
Users that are interested in Windows-Internals-Learning-Resources are comparing it to the libraries listed below
Sorting:
- ☆108Updated 9 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆118Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆119Updated this week
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆37Updated 6 months ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆134Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- Aplos an extremely simple fuzzer for Windows binaries.☆69Updated 6 months ago
- ☆113Updated last month
- Analyse MSI files for vulnerabilities☆138Updated 11 months ago
- ☆68Updated 6 months ago
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆39Updated 5 years ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated 11 months ago
- Recon 2023 slides and code☆79Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆158Updated last year
- ☆58Updated 4 months ago
- A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by…☆84Updated last year
- ☆105Updated last year
- ☆173Updated 4 months ago
- A collection of small scripts and tools for deobfuscation and malware analysis.☆66Updated 2 years ago
- ☆160Updated 5 months ago
- .NET tool used to enrich RPC telemetry☆96Updated 2 months ago
- Payload encoding utility to effectively lower payload entropy.☆119Updated 4 months ago
- Vibe Malware Triage - MCP server for static PE analysis.☆68Updated 3 months ago
- ☆120Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆86Updated last month
- "Service-less" driver loading☆159Updated 9 months ago
- A simple commandline application to automatically decrypt strings from Obfuscator protected binaries☆46Updated last year
- ☆108Updated 2 years ago
- ☆37Updated 8 months ago
- ☆31Updated 6 months ago