yo-yo-yo-jbo / virtual_memory_known_dlls
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for virtual_memory_known_dlls
- Winbindex bot to pull in binaries for specific releases☆46Updated last year
- Extract data of TTD trace file to a minidump☆28Updated last year
- ☆24Updated 11 months ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆30Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆24Updated last year
- rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆12Updated last year
- ☆25Updated last week
- How to set up 2 VirtualBox VM to debug kernel driver using windbg☆49Updated 2 years ago
- Slide of my conference presentations☆11Updated 2 months ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆33Updated 3 years ago
- A UEFI extraction tool☆11Updated this week
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion☆39Updated 3 months ago
- Slides from various conference talks☆36Updated last year
- Google Chrome Use After Free☆55Updated 2 years ago
- Here are some of my malware reversing papers that I will be publishing☆31Updated 2 years ago
- rpv-web is a browser based frontend for the rpv library☆25Updated 3 months ago
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read.☆15Updated last year
- Report and exploit of CVE-2024-21305.☆30Updated 9 months ago
- ☆65Updated last year
- Aplos an extremely simple fuzzer for Windows binaries.☆66Updated 7 months ago
- Finds imports that could be exploited, still requires manual analysis.☆26Updated 2 years ago
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆43Updated 3 weeks ago
- Enabled / Disable LSA Protection via BYOVD☆62Updated 2 years ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆28Updated 2 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆51Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆37Updated last year
- ☆17Updated 3 years ago
- ☆14Updated 2 years ago
- Windows KASLR bypass using prefetch side-channel☆68Updated 6 months ago
- C# implementation to produce ROR-13 numeric hash for given function API name☆31Updated 5 years ago