zed-0xff / pedump

Related projects ⓘ

Alternatives and complementary repositories for pedump

• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆268Updated 6 years ago
• hasherezade / bearparser
  Portable Executable parsing library (from PE-bear)
  ☆648Updated 2 months ago
• jjyg / metasm
  This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby
  ☆462Updated 3 weeks ago
• msuhanov / regf
  Windows registry file format specification
  ☆325Updated 6 years ago
• MagnetForensics / SwishDbgExt
  Incident Response & Digital Forensics Debugging Extension
  ☆371Updated 5 years ago
• hfiref0x / VMDE
  Source from VMDE paper, adapted to 2015
  ☆176Updated 6 years ago
• a1ext / labeless
  Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping…
  ☆515Updated 2 years ago
• tinysec / windows-syscall-table
  windows syscall table from xp ~ 10 rs4
  ☆349Updated 6 years ago
• eugeneching / ida-consonance
  Consonance, a dark color scheme for IDA.
  ☆261Updated 11 years ago
• hasherezade / IAT_patcher
  Persistent IAT hooking application - based on bearparser
  ☆247Updated 2 years ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆359Updated 7 years ago
• trailofbits / pe-parse
  Principled, lightweight C/C++ PE parser
  ☆801Updated 5 months ago
• swwwolf / wdbgark
  WinDBG Anti-RootKit Extension
  ☆615Updated 4 years ago
• ohjeongwook / DarunGrim
  A patch analysis tool
  ☆359Updated 4 years ago
• ynvb / DIE
  Dynamic IDA Enrichment
  ☆468Updated 2 years ago
• MalwareTech / BasicHook
  x86 Inline hooking engine (using trampolines)
  ☆92Updated 9 years ago
• K2 / EhTrace
  ATrace is a tool for tracing execution of binaries on Windows.
  ☆235Updated 8 years ago
• moyix / pdbparse
  Python code to parse Microsoft PDB files
  ☆316Updated 3 months ago
• gdabah / distormx
  The ultimate hooking library
  ☆253Updated 3 years ago
• edix / LoadDll
  Better version of RunDll with GUI. This program allows you to load DLLs on Windows. You can select how to load the DLL. By direct Entry P…
  ☆233Updated 9 years ago
• smartdec / smartdec
  SmartDec decompiler
  ☆397Updated 3 years ago
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆271Updated last year
• AlicanAkyol / sems
  Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools
  ☆442Updated 5 years ago
• tandasat / scripts_for_RE
  Python scripts for reverse engineering.
  ☆179Updated 3 years ago
• nccgroup / DriverBuddy
  DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
  ☆352Updated 4 years ago
• peperunas / injectopi
  A set of tutorials about code injection for Windows.
  ☆305Updated 2 months ago
• FSecureLABS / win_driver_plugin
  A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
  ☆422Updated 6 years ago
• vivisect / vivisect
  ☆939Updated 2 months ago
• nologic / idaref
  IDA Pro Instruction Reference Plugin
  ☆636Updated 3 years ago
• DGA-MI-SSI / YaCo
  YaCo is an Hex-Rays IDA plugin. When enabled, multiple users can work simultaneously on the same binary. Any modification done by any use…
  ☆315Updated 5 years ago