skelsec / minidumpLinks
Python library to parse and read Microsoft minidump file format
☆293Updated 8 months ago
Alternatives and similar repositories for minidump
Users that are interested in minidump are comparing it to the libraries listed below
Sorting:
- Extract Windows Defender database from vdm files and unpack it☆462Updated last month
- Exploring RPC interfaces on Windows☆330Updated last year
- Expriments☆468Updated last year
- Sysmon-Like research tool for ETW☆365Updated 2 years ago
- ☆300Updated 4 years ago
- Universal Unhooking☆325Updated 7 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆331Updated 5 years ago
- PoC for proxying COM objects when hijacking☆211Updated 6 years ago
- Quickly debug shellcode extracted during malware analysis☆615Updated 2 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆237Updated 5 years ago
- Demos of various (also non standard) persistence methods used by malware☆223Updated 2 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆189Updated 4 years ago
- A more stealthy variant of "DLL hollowing"☆359Updated last year
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆112Updated 4 years ago
- This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…☆280Updated 5 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆183Updated 5 months ago
- ☆494Updated 8 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆628Updated 3 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆579Updated 2 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆344Updated 3 years ago
- Just another Windows Process Injection☆401Updated 5 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.☆426Updated 5 years ago
- Managed assembly shellcode generation☆274Updated 4 years ago
- Kernel Exploits☆260Updated 4 years ago
- Adaptive DLL hijacking / dynamic export forwarding☆790Updated 5 years ago
- RPC Monitor tool based on Event Tracing for Windows☆372Updated last year
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆217Updated 3 years ago
- ☆479Updated 2 years ago
- Yet another variant of Process Hollowing☆420Updated 2 months ago