sha0coder / mwemuLinks
x86 malware emulator
☆226Updated last week
Alternatives and similar repositories for mwemu
Users that are interested in mwemu are comparing it to the libraries listed below
Sorting:
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆152Updated last year
- Kernel Exploits☆257Updated 4 years ago
- Load DLLs from memory with rust☆141Updated 3 years ago
- A DTrace on Windows Reimplementation☆351Updated 6 months ago
- BYOVD: Loading dbk64.sys and grabbing a handle to it☆157Updated 3 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Updated 2 years ago
- ☆147Updated 2 years ago
- A command line Windows API tracing tool for Golang binaries.☆157Updated last year
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …☆346Updated last week
- Static Binary Instrumentation tool for Windows x64 executables☆206Updated 3 months ago
- ☆300Updated 4 years ago
- ☆163Updated 3 years ago
- A utility to fix intentionally corrupted UPX packed files.☆90Updated 2 years ago
- A simple ptrace-less shared library injector for x64 Linux☆265Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆252Updated 2 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆181Updated 4 months ago
- Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v…☆60Updated last year
- ☆106Updated 2 years ago
- Yet another variant of Process Hollowing☆412Updated 3 weeks ago
- Set of antianalysis techniques found in malware☆131Updated 2 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆153Updated 2 years ago
- This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum…☆213Updated 6 months ago
- Parse .NET executable files.☆77Updated last month
- Abusing exceptions for code execution.☆111Updated 2 years ago
- HashDB API hash lookup plugin for IDA Pro☆330Updated 2 months ago
- Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2☆231Updated 3 years ago
- Advanced driver monitoring utility.☆216Updated 3 years ago
- ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming).☆431Updated last year
- Reverse engineered source code of the autochk rootkit☆205Updated 5 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆188Updated 4 years ago