yo-yo-yo-jbo / virtual_memory_known_dlls
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for virtual_memory_known_dlls
- Winbindex bot to pull in binaries for specific releases☆46Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- call gates as stable comunication channel for NT x86 and Linux x86_64☆30Updated last year
- rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆12Updated last year
- ☆14Updated 2 years ago
- ☆25Updated 3 weeks ago
- ☆24Updated last year
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion☆39Updated 3 months ago
- PyKD DLLs for x86 and x64 platforms☆14Updated last year
- Slide of my conference presentations☆11Updated 2 months ago
- Small tool to play with IOCs caused by Imageload events☆38Updated last year
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆51Updated 2 years ago
- Google Chrome Use After Free☆55Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆14Updated 4 months ago
- rpv-web is a browser based frontend for the rpv library☆25Updated 3 months ago
- ☆60Updated 2 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆24Updated last year
- Finds imports that could be exploited, still requires manual analysis.☆26Updated 2 years ago
- Aplos an extremely simple fuzzer for Windows binaries.☆66Updated 7 months ago
- Code samples that serve as references for Windows API functions☆12Updated 5 months ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆33Updated 3 years ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆101Updated 4 months ago
- Windows KASLR bypass using prefetch side-channel☆67Updated 6 months ago
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆84Updated last month
- Report and exploit of CVE-2023-36427☆87Updated last year
- Enabled / Disable LSA Protection via BYOVD☆62Updated 2 years ago
- ☆30Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Updated last month
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM☆111Updated 2 weeks ago
- Here are some of my malware reversing papers that I will be publishing☆31Updated 2 years ago