silentsignal / heureka
A toolset to assess the behavioral capabilities of AV/HIPS software
☆8Updated 10 years ago
Related projects: ⓘ
- ☆10Updated 7 years ago
- ☆15Updated this week
- CVE-2014-0816☆24Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆21Updated 7 years ago
- ☆12Updated 6 years ago
- Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all the operands, etc.☆25Updated 11 years ago
- Kernel-mode file scanner☆17Updated 6 years ago
- ☆17Updated this week
- A couple of little tools I've made for working with Windows Drivers☆15Updated 8 years ago
- Anti-AV compilation☆42Updated 10 years ago
- ☆21Updated this week
- ☆28Updated 7 years ago
- ☆22Updated 7 years ago
- API logger plugin for Intel Pintool☆14Updated 6 years ago
- Brand New Code Injection for Windows https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows☆19Updated 7 years ago
- reversed emet tool☆24Updated 11 years ago
- ☆9Updated 9 years ago
- Internet Explorer MemoryProtection Mitigation☆32Updated 10 years ago
- Using SEH to bypass CFG☆28Updated 7 years ago
- Assembly code to use for Windows kernel shellcode to edit winlogon.exe ACL☆13Updated 7 years ago
- reverse win7 32bit hotpatch implement☆9Updated 10 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆25Updated 7 years ago
- ☆24Updated this week
- ☆13Updated 7 years ago
- Slides of 44Con 2018☆21Updated 5 years ago
- 微软7月布丁增加内存延迟释放机制☆11Updated 10 years ago
- Modify data structures in the Windows kernel, hiding processes by PID☆15Updated 6 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆34Updated 8 years ago
- PIN Tool for monitoring calls and writes from obfuscated code.☆26Updated 5 years ago
- ☆12Updated this week