zeroSteiner / mayhem
Runtime Process Manipulation
☆231Updated 3 months ago
Alternatives and similar repositories for mayhem:
Users that are interested in mayhem are comparing it to the libraries listed below
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆263Updated 7 years ago
- Tool written in python3 to determine where the AV signature is located in a binary/payload☆313Updated 6 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆182Updated 5 years ago
- Fork of mona.py with x64dbg support☆102Updated 2 years ago
- A tool to detect and crash Cuckoo Sandbox☆292Updated 7 months ago
- Cminer is a tool for enumerating the code caves in PE files.☆148Updated last year
- Content from presentation at BHUSA 2017☆180Updated 7 years ago
- flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.☆150Updated 7 years ago
- Search for code cave in all binaries☆277Updated 8 months ago
- Small tool for generating ropchains using unicorn and z3☆197Updated 7 years ago
- WinAppDbg Debugger☆453Updated last year
- A set of exploitation/reversing aids for IDA☆417Updated 7 years ago
- GUI tool to create ROP chains using the ropper API☆156Updated 6 years ago
- WinHeap Explorer repository.☆119Updated 6 years ago
- Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.☆116Updated 4 months ago
- Sample use cases of the .NET native code hooking technique☆208Updated 7 years ago
- Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.☆162Updated last year
- Python solutions for the HackSysTeam Extreme Vulnerable Driver☆151Updated 3 years ago
- An attempt at Process Doppelgänging☆184Updated 7 years ago
- Miscellaneous tools written in Python, mostly centered around shellcodes.☆145Updated 9 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆214Updated 4 years ago
- ATrace is a tool for tracing execution of binaries on Windows.☆236Updated 8 years ago
- A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…☆98Updated 5 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆163Updated 8 years ago
- C++ application that uses memory and code hooks to detect packers☆270Updated 7 years ago
- DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects☆145Updated 7 years ago
- A set of tutorials about code injection for Windows.☆309Updated 6 months ago
- Patching ROP-encoded shellcodes into PEs☆184Updated 7 years ago
- ☆91Updated 8 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆428Updated 6 years ago