skelsec / minidumpLinks
Python library to parse and read Microsoft minidump file format
☆294Updated 9 months ago
Alternatives and similar repositories for minidump
Users that are interested in minidump are comparing it to the libraries listed below
Sorting:
- Extract Windows Defender database from vdm files and unpack it☆466Updated 2 months ago
- Exploring RPC interfaces on Windows☆332Updated last year
- Sysmon-Like research tool for ETW☆368Updated 2 years ago
- Universal Unhooking☆325Updated 7 years ago
- Expriments☆473Updated last year
- A more stealthy variant of "DLL hollowing"☆357Updated last year
- PoC for proxying COM objects when hijacking☆212Updated 6 years ago
- ☆302Updated 4 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆183Updated 6 months ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆237Updated 5 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆627Updated 3 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆331Updated 5 years ago
- This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…☆278Updated 5 years ago
- Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in ord…☆190Updated 4 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆581Updated 2 years ago
- Just another Windows Process Injection☆401Updated 5 years ago
- Windows System Programming Experiments☆223Updated 3 years ago
- Demos of various (also non standard) persistence methods used by malware☆221Updated 2 years ago
- Yet another variant of Process Hollowing☆420Updated 2 months ago
- Phantom DLL hollowing PoC☆366Updated 3 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆344Updated 3 years ago
- A meterpreter extension for applying hooks to avoid windows defender memory scans☆247Updated 5 years ago
- RPC Monitor tool based on Event Tracing for Windows☆371Updated last year
- Quickly debug shellcode extracted during malware analysis☆612Updated 2 years ago
- A way to delete a locked file, or current running executable, on disk.☆606Updated 2 months ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆527Updated 3 months ago
- Files for the packer tutorial☆73Updated 4 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆112Updated 4 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆311Updated last year