seekbytes / MicroSCOPE
Static analysis tool that detects potential ransomware in PE and ELF files through heuristic analysis
☆18 Updated last year
Alternatives and similar repositories for MicroSCOPE
Users that are interested in MicroSCOPE are comparing it to the libraries listed below
- ☆24 Updated 6 months ago
- Rust version of the objdir tool ☆13 Updated last year
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book. ☆16 Updated 5 years ago
- A wrapper around Windows, calls explicitly the lowest possible calls ☆13 Updated 2 years ago
- Pure Go bindings for Zydis. ☆11 Updated 11 months ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode ☆19 Updated last year
- Very simple cross-platform utility to manage your git identities. ☆10 Updated 2 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to: ☆22 Updated 8 months ago
- A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks ☆20 Updated last year
- Runtime smm module loader ☆33 Updated 2 years ago
- Go library to parse Executable and Linkable Format (ELF) files. ☆49 Updated 11 months ago
- Native Rust bindings for @horsicq's Detect-It-Easy ☆15 Updated 4 months ago
- Generate Go bindings for shared C libraries. ☆14 Updated 11 months ago
- EDR PoC WIP LLC ☆11 Updated last year
- This x64dbg plugin allows you to upload your sample to Malcore and view the results. ☆37 Updated last year
- Practical Reverse Engineering book exercises ☆9 Updated 4 years ago
- Collection of Windows Driver Utils ☆11 Updated last year
- A set of small utilities, helpers for PIN tracers ☆33 Updated last year
- Demonstrate the behavior of the tunnel cache on Windows ☆10 Updated 5 years ago
- A thin introspection hypervisor framework that allows for low level resource manipulation. ☆13 Updated last year
- Support Windows OS Reversing by searching easily for references to functions across many DLLs ☆34 Updated 3 years ago
- Attack tool for altering packed samples so that they evade static packing detection ☆19 Updated 4 months ago
- Easy encrypt/decrypt data with TPM ☆25 Updated last year
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval. ☆19 Updated 8 months ago
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer ☆33 Updated last year
- Plugin for x64dbg to disable parallel loading of dependencies ☆19 Updated 2 years ago
- Native API header files for the Process Hacker project (nightly). ☆26 Updated last week
- An example of how to use Microsoft Windows Warbird technology ☆28 Updated 2 years ago
- ☆16 Updated 2 years ago
- An x64dbg plugin which helps make sense of long C++ symbols ☆59 Updated 2 years ago