seekbytes / MicroSCOPE
Static analysis tool that can identify potential ransomware on PE or ELF files based on heuristics
☆14Updated 8 months ago
Related projects: ⓘ
- Go library to parse Executable and Linkable Format (ELF) files.☆38Updated 2 months ago
- A thin introspection hypervisor framework that allows for low level resource manipulation.☆9Updated 7 months ago
- EDR PoC WIP LLC☆10Updated 7 months ago
- Rust program for interfacing with the gigabyte driver to gain access to powerful primitives such as arbitrary kernel memcpy.☆17Updated last year
- Oceantoo is an XOR/LFSR based encryption algorithm☆15Updated 2 years ago
- A Linux x86/x86-64 tool to trace registers and memory regions.☆34Updated 2 years ago
- hypervisor enforced patch protection for the linux kernel with xen + libvmi, libvmi KASLR offset spoofer☆27Updated 4 months ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆18Updated last year
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- An example of how to use Microsoft Windows Warbird technology☆24Updated last year
- Runtime smm module loader☆30Updated last year
- Tool to extract contents from the memory of Windows systems.☆13Updated last year
- Collaboration platform for reverse engineering tools.☆38Updated 3 months ago
- A repo with a listing of binary ninja scripts + plugins (massively inspired by https://github.com/onethawt/idaplugins-list)☆16Updated 7 years ago
- IDA's Lumina feature, reimplemented for Ghidra☆18Updated last year
- api-tracer is a tiny (useless) tracer☆14Updated last year
- ☆35Updated last year
- Plugin for x64dbg to disable parallel loading of dependencies☆19Updated 2 years ago
- Windows kernel driver template for cmkr and llvm-msvc.☆32Updated 9 months ago
- Lightweight x86-64 disassembling library☆38Updated 2 years ago
- Taking advantage of CRT initialization, to get away with hooking protected applications☆41Updated last year
- Hardware Spoofing & VirtualBox-Hardening x64 Bootkit☆14Updated last year
- x64dbg python3 plugin☆21Updated 9 months ago
- Rizin Signature Database (Source)☆12Updated last year
- A Windows API hooking library !☆30Updated 2 years ago
- x86_64, PE32+, FAT32 bootloader☆25Updated 3 years ago
- Windows Minidump loader for Ghidra☆19Updated last year
- genpatch is IDA plugin that generates a python script for patching binary☆30Updated 8 months ago
- Input-output driver☆22Updated last year
- A set of small utilities, helpers for PIN tracers☆31Updated 11 months ago