you0708 / lznt1
Python implementation of LZNT1 compression/decompression
☆64Updated 5 years ago
Alternatives and similar repositories for lznt1:
Users that are interested in lznt1 are comparing it to the libraries listed below
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆84Updated 2 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Enumerate Windows Defender threat families and dump their names according category☆90Updated 5 years ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- ☆69Updated last year
- Extract OLEv1 objects from RTF files by instrumenting Word☆51Updated 5 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆64Updated 3 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆181Updated 4 years ago
- A git history of Windows filesystems☆76Updated 4 years ago
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- CAPE monitor DLLs☆39Updated 5 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆89Updated 5 years ago
- Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality☆83Updated 2 years ago
- Log ALPC activity☆82Updated last year
- Simple library to spray the Windows Kernel Pool☆107Updated 5 years ago
- ☆33Updated 3 years ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated 9 months ago
- Flare-On solutions☆36Updated 5 years ago
- Windows Console Monitoring☆99Updated 7 years ago
- IDA Pro resources, scripts, and configurations☆111Updated last year
- SentinelOne's KeRnel Exploits Advanced Mitigations☆53Updated 6 years ago
- Windows Shortcut file (LNK) parser☆134Updated 2 years ago
- A simple API monitor for Windbg☆63Updated 7 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume.☆33Updated 4 years ago
- Smart DLL execution for malware analysis in sandbox systems☆143Updated 10 years ago
- Win32k Exploit by Grant Willcox☆88Updated 5 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆109Updated 4 years ago