zodiacon / syllabi

Related projects: ⓘ

• zodiacon / ApiSetView
  API Set Viewer
  ☆83Updated 4 years ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆77Updated last year
• manyfacedllama / amsi-tracer
  Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …
  ☆86Updated 3 years ago
• pathtofile / PPLRunner
  Run Processes as PPL with ELAM
  ☆139Updated 2 years ago
• pathtofile / SealighterTI
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆157Updated last year
• jonaslyk / temp
  ☆65Updated last year
• LloydLabs / dearg-thread-ipc-stealth
  A novel technique to communicate between threads using the standard ETHREAD structure
  ☆108Updated 3 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆66Updated 11 months ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆105Updated 2 months ago
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆92Updated 3 months ago
• ars3n11 / MineSweeper
  Windows user-land hooks manipulation tool.
  ☆139Updated 3 years ago
• OALabs / trashdbg
  TrashDBG the world's worse debugger
  ☆24Updated 2 years ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆114Updated last year
• nccgroup / mimikatz-detector-condrv
  The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …
  ☆34Updated 2 years ago
• uf0o / windows-ps-callbacks-experiments
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆67Updated 2 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆61Updated 5 months ago
• enkomio / thematrix
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆138Updated 2 years ago
• SouhailHammou / Drivers
  Windows Drivers
  ☆95Updated 5 years ago
• bohops / RogueAssemblyHunter
  Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
  ☆114Updated 2 years ago
• d35ha / xLogger
  Simple windows API logger
  ☆96Updated 5 years ago
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 3 years ago
• poona / APIMiner
  API Logger for Windows Executables
  ☆77Updated 3 years ago
• LloydLabs / process-enumeration-stealth
  ☆74Updated 3 weeks ago
• daem0nc0re / SharpWnfSuite
  C# Utilities for Windows Notification Facility
  ☆122Updated 4 months ago
• nccgroup / DetectWindowsCopyOnWriteForAPI
  Enumerate various traits from Windows processes as an aid to threat hunting
  ☆180Updated 2 years ago
• cdong1012 / IDAPython-Malware-Scripts
  ☆66Updated 9 months ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆31Updated 3 years ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• naksyn / talks
  Repo containing my public talks
  ☆22Updated last year
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆51Updated 2 years ago