sha0coder / mwemuLinks
x86 malware emulator
☆225Updated last week
Alternatives and similar repositories for mwemu
Users that are interested in mwemu are comparing it to the libraries listed below
Sorting:
- A command line Windows API tracing tool for Golang binaries.☆156Updated last year
- Kernel Exploits☆257Updated 4 years ago
- A DTrace on Windows Reimplementation☆349Updated 6 months ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆156Updated 3 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆251Updated 2 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Updated 2 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆153Updated 2 years ago
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …☆345Updated this week
- Yet another variant of Process Hollowing☆405Updated this week
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆152Updated last year
- A simple ptrace-less shared library injector for x64 Linux☆263Updated 2 years ago
- HashDB API hash lookup plugin for IDA Pro☆327Updated 2 months ago
- ☆300Updated 4 years ago
- Load DLLs from memory with rust☆140Updated 3 years ago
- A utility to fix intentionally corrupted UPX packed files.☆89Updated 2 years ago
- ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming).☆428Updated last year
- Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v…☆60Updated last year
- ☆146Updated 2 years ago
- Code Injection, Inject malicious payload via pagetables pml4.☆241Updated 4 years ago
- This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum…☆209Updated 5 months ago
- ☆105Updated 2 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆180Updated 3 months ago
- PoC capable of detecting manual syscalls from usermode.☆197Updated 8 months ago
- ☆162Updated 3 years ago
- Advanced driver monitoring utility.☆215Updated 3 years ago
- Abusing exceptions for code execution.☆111Updated 2 years ago
- Set of antianalysis techniques found in malware☆132Updated last year
- Small tool to convert beteween the PE alignments (raw and virtual).☆93Updated 2 years ago
- Parse .NET executable files.☆76Updated 3 weeks ago
- Static Binary Instrumentation tool for Windows x64 executables☆207Updated 3 months ago