silverf0x / RpcView
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
☆905Updated 11 months ago
Related projects: ⓘ
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,082Updated last week
- Obfuscate specific windows apis with different apis☆978Updated 3 years ago
- Portable Executable parsing library (from PE-bear)☆648Updated 3 weeks ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,096Updated 4 months ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆785Updated 2 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆574Updated 7 years ago
- Windows process injection methods☆122Updated last year
- Windows NT Syscall tables☆1,122Updated last month
- A Pin Tool for tracing API calls etc☆1,268Updated 3 weeks ago
- WinDBG Anti-RootKit Extension☆612Updated 4 years ago
- ☆782Updated 4 years ago
- Native API header files for the System Informer project.☆1,009Updated last week
- Shellcode Compiler☆1,043Updated 2 weeks ago
- Windows Object Explorer 64-bit☆1,619Updated 2 months ago
- Windows NT x64 syscall fuzzer☆584Updated last year
- Protected Processes Light Killer☆875Updated last year
- Official x64dbg plugin for IDA Pro.☆440Updated last year
- Converts a DLL into EXE☆788Updated last year
- ☆746Updated last year
- XNTSV program for detailed viewing of system structures for Windows.☆439Updated this week
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆718Updated 7 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆577Updated 2 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,100Updated 10 months ago
- Dynamic unpacker based on PE-sieve☆650Updated 6 months ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆701Updated last year
- Detours with just single dependency - NTDLL☆596Updated 2 years ago
- Run a Exe File (PE Module) in memory (like an Application Loader)☆831Updated 3 years ago
- PE-bear (builds only)☆765Updated last year
- Windows Kernel Drivers fuzzer☆289Updated 7 years ago
- Driver loader for bypassing Windows x64 Driver Signature Enforcement☆1,024Updated 5 years ago