zed-0xff / pedump
dump windows PE files using ruby
☆309 Updated 2 months ago
Related projects:
- Portable Executable parsing library (from PE-bear) ☆648 Updated 3 weeks ago
- C++ application that uses memory and code hooks to detect packers ☆266 Updated 6 years ago
- This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby ☆463 Updated 8 months ago
- Windows registry file format specification ☆319 Updated 5 years ago
- Persistent IAT hooking application - based on bearparser ☆246 Updated 2 years ago
- windows syscall table from xp ~ 10 rs4 ☆348 Updated 6 years ago
- Incident Response & Digital Forensics Debugging Extension ☆367 Updated 5 years ago
- Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping… ☆511 Updated 2 years ago
- Drltrace is a library calls tracer for Windows and Linux applications. ☆387 Updated 4 years ago
- A patch analysis tool ☆359 Updated 4 years ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers. ☆350 Updated 4 years ago
- ATrace is a tool for tracing execution of binaries on Windows. ☆236 Updated 8 years ago
- Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language) ☆492 Updated 3 years ago
- Official x64dbg plugin for IDA Pro. ☆440 Updated last year
- Python code to parse Microsoft PDB files ☆309 Updated last month
- SmartDec decompiler ☆393 Updated 3 years ago
- capstone based disassembler for extracting to binnavi ☆226 Updated 8 years ago
- Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools ☆440 Updated 5 years ago
- A set of tutorials about code injection for Windows. ☆305 Updated 3 weeks ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers. ☆420 Updated 6 years ago
- Supporting Data Archives for Ghidra ☆252 Updated 4 years ago
- PowerLoaderEx - Advanced Code Injection Technique for x32 / x64 ☆356 Updated 7 years ago
- x86 Inline hooking engine (using trampolines) ☆91 Updated 9 years ago
- Pure Python parser and analyzer for IDA Pro database files (.idb). ☆455 Updated 3 years ago
- The ultimate hooking library ☆253 Updated 3 years ago
- Source from VMDE paper, adapted to 2015 ☆175 Updated 6 years ago
- WinDBG Anti-RootKit Extension ☆612 Updated 4 years ago
- IDA Pro script to add some useful runtime info to static analysis ☆521 Updated 2 years ago