ufrisk / LeechCore-plugins

Related projects: ⓘ

• ajkhoury / pdbfetch
  Fetch PDB symbols directly from Microsoft's symbol servers
  ☆41Updated 2 years ago
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆57Updated last year
• hfiref0x / AsIo3Unlock
  ASUSTeK AsIO3 I/O driver unlock
  ☆19Updated 3 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• shamrockhoax / mazedecoder
  ☆28Updated 4 years ago
• IntroVirt / IntroVirt
  IntroVirt is an guest introspection library for KVM
  ☆49Updated 2 weeks ago
• Alex3434 / Binja-SigMaker
  SigMaker plugin for Binary Ninja
  ☆9Updated 4 years ago
• Rat431 / ColdHide
  (DEPRECATED) A simple anti-anti debug library for Windows
  ☆29Updated 4 years ago
• Gbps / CapcomLib
  A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)
  ☆37Updated 6 years ago
• therealdreg / cgaty
  Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
  ☆69Updated last year
• XShar / Super_Hide_String
  Скрытие строки от отладчиков и декомпиляторов
  ☆51Updated 4 years ago
• mrexodia / MiniDumpPlugin
  Simple x64dbg plugin to save a full memory dump
  ☆49Updated last year
• calware / HV-Playground
  A simple and heavily documented series of test hypervisors built for 64-bit Windows 10 systems running under Intel's VT-x
  ☆29Updated 3 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆52Updated 4 years ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆31Updated last year
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆57Updated 3 weeks ago
• SouhailHammou / KernelSymbolsHelper
  Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…
  ☆52Updated 5 years ago
• alfarom256 / drivers_and_shit
  ☆56Updated 2 years ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆59Updated last year
• Sinclairq / byte_stinker
  ☆15Updated this week
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆22Updated 5 years ago
• ajkhoury / Errata1337
  ☆64Updated 3 years ago
• mrexodia / MBR
  EDR PoC WIP LLC
  ☆10Updated 7 months ago
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆33Updated 2 years ago
• ergrelet / triton-bn
  Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.
  ☆56Updated 2 months ago
• yardenshafir / cet-research
  A collection of tools, source code, and papers researching Windows' implementation of CET.
  ☆72Updated 3 years ago
• ajkhoury / RemoteCode-Kernel
  Simple code generation library developed in C intended for code generation in Kernel mode
  ☆16Updated last year
• gmh5225 / Driver-SoulExtraction
  SoulExtraction is a windows driver library for extracting cert information in windows drivers
  ☆20Updated last year
• t3ssellate / unmapper
  An automatic tool for fixing dumped PE files
  ☆42Updated 4 years ago
• SamuelTulach / EfiDump
  ☆40Updated this week