scmanjarrez / pymetangineLinks
A python metamorphic engine for PE/PE+ files.
☆15Updated 2 years ago
Alternatives and similar repositories for pymetangine
Users that are interested in pymetangine are comparing it to the libraries listed below
Sorting:
- Kernel Shellcode to add all privileges in token☆13Updated 8 years ago
- Static analysis tools for x86 assembly☆13Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22Updated 8 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Updated 6 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- hooking KiUserApcDispatcher☆24Updated 8 years ago
- PE Infector/Cryptor source code☆15Updated 8 years ago
- ☆34Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- Plugin for x64dbg to break on unresolved APIs.☆12Updated 7 years ago
- A wrapper for capstone for bearparser☆14Updated 2 years ago
- Legal access: The driver and console app to demonstrate the basic memory access in kernel mode☆9Updated 7 years ago
- ☆16Updated 5 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- ☆45Updated 4 years ago
- ☆13Updated 7 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- PoC || GTFO Article Materials on Kernel Double Free☆12Updated 8 years ago
- A library for interacting with Windows process memory☆7Updated 6 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- ☆11Updated 10 years ago
- Modify data structures in the Windows kernel, hiding processes by PID☆15Updated 7 years ago
- ☆13Updated 6 years ago
- An IDA Pro script for creating a clearer idb for nymaim malware☆10Updated 7 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Updated 7 years ago
- simple plugin for lastest olly versions to display the callstack☆16Updated 12 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- a method for undetectable breakpoints in 32-bit Windows programs☆13Updated 11 years ago
- Wow64 syscall hook☆40Updated 8 years ago
- Reverse engineered vmware workstation code to aid in kernel debugging.☆14Updated 9 years ago