rcanzanese / SystemCallService
Process / thread-level system call tracer for Windows 7 / 8 / 2008 / 2012
☆21Updated 9 years ago
Alternatives and similar repositories for SystemCallService:
Users that are interested in SystemCallService are comparing it to the libraries listed below
- Decrement Windows Kernel for fun and profit☆38Updated 7 years ago
- ☆33Updated 7 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 7 years ago
- Anti-AV compilation☆42Updated 11 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Blog posts☆30Updated 4 years ago
- Class implementation of PowerLoader injection technique☆29Updated 8 years ago
- ☆16Updated 7 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆38Updated 8 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆77Updated 9 years ago
- Bootkits Revisited☆41Updated 10 years ago
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 9 years ago
- User-mode hook bypassing method☆33Updated 8 years ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- Shellcode injection using debugging APIs☆19Updated 11 years ago
- ☆28Updated 7 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆16Updated 8 years ago
- A wrapper for capstone for bearparser☆14Updated 2 years ago
- Материалы к статье "Препарируем Hyper V"☆13Updated 10 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆31Updated 7 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- ☆32Updated 6 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- deprecated☆26Updated 6 years ago
- ☆22Updated 4 years ago
- ☆18Updated 8 years ago
- Experimental Windows .text section Patch Detector☆21Updated 10 years ago
- ☆10Updated 7 years ago