you0708 / lznt1Links
Python implementation of LZNT1 compression/decompression
☆65Updated 5 years ago
Alternatives and similar repositories for lznt1
Users that are interested in lznt1 are comparing it to the libraries listed below
Sorting:
- Enumerate Windows Defender threat families and dump their names according category☆91Updated 6 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- ☆71Updated 2 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆77Updated 10 years ago
- ☆115Updated 9 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆85Updated 3 years ago
- FLARE Kernel Shellcode Loader☆179Updated 6 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- pyGoRE - Python library for analyzing Go binaries☆65Updated 3 years ago
- CAPE monitor DLLs☆41Updated 5 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆68Updated 4 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Updated 5 years ago
- A git history of Windows filesystems☆76Updated 5 years ago
- zer0m0n driver for cuckoo sandbox☆88Updated 9 years ago
- Fileless persistence, attacks and anti-forensic capabilties.☆94Updated 6 years ago
- POC viruses I have created to demo some ideas☆59Updated 5 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆117Updated 9 years ago
- Rekall Memory Forensic Framework☆33Updated 6 years ago
- ☆23Updated 4 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- Windows Shortcut file (LNK) parser☆136Updated 2 years ago
- Small visualizator for PE files☆69Updated 2 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆44Updated 6 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆71Updated last year
- Memory Loader Open Source Project by Sentinel-Labs.☆25Updated 4 years ago
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆162Updated 9 months ago