zodiacon / NativeAppsLinks
Demos and presentation from SECArmy Village Grayhat 2020
☆38Updated 2 years ago
Alternatives and similar repositories for NativeApps
Users that are interested in NativeApps are comparing it to the libraries listed below
Sorting:
- Blog posts☆30Updated 4 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- Headers for linking your software with ntdll.dll☆15Updated 4 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated last month
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- ☆22Updated 4 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- A ready-made template for a project based on libpeconv.☆48Updated 4 months ago
- A DLL that serves OutputDebugString content over a TCP connection☆35Updated 3 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 2 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- Sysmon shenanigans☆65Updated 4 years ago
- ☆46Updated last month
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- BITS Transfers Manager☆42Updated last month
- Parser for a custom executable format from Hidden Bee malware (first stage)☆43Updated 9 months ago
- ☆18Updated 4 years ago
- ☆22Updated 4 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆60Updated 10 months ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- Windows GPU rootkit PoC by Team Jellyfish☆35Updated 10 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆35Updated 3 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Updated last year
- A Practical example of ELAM (Early Launch Anti-Malware)☆34Updated 3 years ago
- View handles and object for each object type☆64Updated 5 years ago
- ☆28Updated 7 months ago
- Static library and headers for linking your software with ntdll.dll☆32Updated 5 years ago
- ☆28Updated 2 years ago