reverseame / winapi-categoriesLinks
Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.
☆25Updated 7 months ago
Alternatives and similar repositories for winapi-categories
Users that are interested in winapi-categories are comparing it to the libraries listed below
Sorting:
- Writeups for CTF challenges☆35Updated 2 years ago
- ☆122Updated 3 weeks ago
- ☆113Updated 4 months ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆111Updated 4 years ago
- Research notes☆130Updated last year
- Powershell Linter☆86Updated last month
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆118Updated 2 years ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆203Updated 4 months ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆71Updated last year
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆168Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆124Updated last year
- Use YARA rules on Time Travel Debugging traces☆96Updated 2 years ago
- Recon 2023 slides and code☆80Updated 2 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆141Updated this week
- A golang CLI tool to download malware from a variety of sources.☆151Updated 6 months ago
- Dump quarantined files from Windows Defender☆73Updated 3 years ago
- Code snips and notes☆140Updated 3 years ago
- A collection of modules and scripts to help with analyzing Nim binaries☆83Updated last year
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆164Updated last month
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆45Updated 2 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆478Updated 7 months ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆161Updated 2 years ago
- Python tool to check rootkits in Windows kernel☆206Updated 5 months ago
- Generate Volatility3 profiles from BTF.☆31Updated last year
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆38Updated 3 years ago
- Repository of Yara Rules☆138Updated 2 weeks ago
- Vulnerable driver research tool, result and exploit PoCs☆227Updated 2 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆131Updated 2 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated 2 years ago
- ELFEN: Automated Linux Malware Analysis Sandbox☆136Updated 5 months ago