push0ebp / xMalHunter
x64dbg Malware Plugin. Detect malicious materials
☆15Updated 4 years ago
Alternatives and similar repositories for xMalHunter:
Users that are interested in xMalHunter are comparing it to the libraries listed below
- VEH Redirect & VEH Debugger☆23Updated 4 years ago
- Simple x64dbg plugin to show registers on every step.☆16Updated 5 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- A wrapper for capstone for bearparser☆13Updated 2 years ago
- Triton based symbolic emulator☆16Updated 2 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- Code Integrity Violation Spotter☆16Updated 9 months ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Updated last year
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 7 years ago
- ☆19Updated 5 years ago
- NoREpls - Application designed for the purposes of reverse engineering.☆11Updated 6 years ago
- ☆13Updated 3 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Updated 6 years ago
- Currently proof-of-concept☆16Updated 3 years ago
- Window Executable file Function tracer using Debugging API☆44Updated 5 years ago
- Code Coverage client for DynamoRIO☆12Updated 6 years ago
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection…☆15Updated 3 years ago
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets.☆16Updated 3 years ago
- vm -- code interpreter☆26Updated 5 years ago
- A debugger backend for IDA Pro built on top of of Intel’s PIN framework☆32Updated last year
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆24Updated last year
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- idax: IDASDK extension libraries☆19Updated 7 months ago
- A benign application used to demonstrate an EDR detection. This version is procedural (i.e., not object-oriented).☆1Updated 2 years ago
- Kernel Shellcode to add all privileges in token☆13Updated 8 years ago
- ☆24Updated 8 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 8 months ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 5 years ago
- Kernel Cache Decryption for iOS☆14Updated 3 years ago