trailofbits / flying-sandbox-monsterLinks
Sandboxed, Rust-based, Windows Defender Client
☆179Updated 7 years ago
Alternatives and similar repositories for flying-sandbox-monster
Users that are interested in flying-sandbox-monster are comparing it to the libraries listed below
Sorting:
- AppJailLauncher in Rust☆109Updated 3 years ago
- ☆172Updated 2 years ago
- rVMI - A New Paradigm For Full System Analysis☆355Updated 7 years ago
- capstone based disassembler for extracting to binnavi☆228Updated 9 years ago
- Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that w…☆369Updated 6 years ago
- Semantic Binary Code Analysis Framework☆124Updated 9 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆186Updated 5 years ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆133Updated 6 years ago
- Conference slides and White-papers☆357Updated 5 years ago
- ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.☆286Updated 9 years ago
- Small tool for generating ropchains using unicorn and z3☆198Updated 7 years ago
- Binary Ninja plugin to decompile binaries using RetDec API☆162Updated 6 years ago
- A user-friendly fuzzing and crash triage tool for Windows☆131Updated 5 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆136Updated 8 years ago
- ATrace is a tool for tracing execution of binaries on Windows.☆238Updated 8 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆164Updated 8 years ago
- A hypervisor for fuzzing built with WHVP and Bochs☆377Updated 6 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Updated 8 years ago
- Hypervisor-based debugger☆189Updated 4 years ago
- The history of Windows Internals via symbols.☆178Updated 3 years ago
- Implementation of the SMM rootkit "The Watcher"☆126Updated 3 years ago
- Binary coverage tool without binary modification for Windows☆436Updated 4 years ago
- C++ application that uses memory and code hooks to detect packers☆270Updated 7 years ago
- A tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations.☆185Updated 2 years ago
- A patch analysis tool☆363Updated 4 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆98Updated 8 years ago
- The DrK Attack - Proof of concept☆343Updated 3 years ago
- ☆86Updated 8 years ago
- windows syscall table from xp ~ 10 rs4☆353Updated 7 years ago
- NASM Standard Library for shellcode☆69Updated 8 years ago