trailofbits / flying-sandbox-monsterLinks
Sandboxed, Rust-based, Windows Defender Client
☆179Updated 7 years ago
Alternatives and similar repositories for flying-sandbox-monster
Users that are interested in flying-sandbox-monster are comparing it to the libraries listed below
Sorting:
- AppJailLauncher in Rust☆109Updated 3 years ago
- A tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations.☆185Updated 2 years ago
- ☆172Updated 3 years ago
- NASM Standard Library for shellcode☆69Updated 8 years ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆134Updated 6 years ago
- Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that w…☆369Updated 6 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆186Updated 6 years ago
- Full-bin indexation of binary files☆95Updated 7 years ago
- Conference slides and White-papers☆357Updated 5 years ago
- An example sandbox using AppContainer (Windows 8+)☆138Updated 5 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Updated 8 years ago
- rVMI - A New Paradigm For Full System Analysis☆355Updated 7 years ago
- capstone based disassembler for extracting to binnavi☆228Updated 9 years ago
- Semantic Binary Code Analysis Framework☆124Updated 9 years ago
- ☆86Updated 8 years ago
- C++ application that uses memory and code hooks to detect packers☆270Updated 7 years ago
- Implementation of the SMM rootkit "The Watcher"☆128Updated 3 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆98Updated 8 years ago
- grap: define and match graph patterns within binaries☆171Updated 4 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆138Updated 8 years ago
- Bunch of techniques potentially used by malware to detect analysis environments☆159Updated 8 years ago
- ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.☆286Updated 9 years ago
- High-throughput fuzzer and emulator of DECREE binaries☆242Updated 5 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆164Updated 8 years ago
- A hypervisor for fuzzing built with WHVP and Bochs☆377Updated 6 years ago
- The history of Windows Internals via symbols.☆178Updated 3 years ago
- A program to draw rectangles from heap traces.☆135Updated 5 years ago
- The DrK Attack - Proof of concept☆344Updated 3 years ago
- Small tool for generating ropchains using unicorn and z3☆198Updated 7 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆435Updated 6 years ago