Stars
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
RetDec is a retargetable machine-code decompiler based on LLVM.
Sol3 (sol2 v3.0) - a C++ <-> Lua API wrapper with advanced features and top notch performance - is here, and it's great! Documentation:
An even funnier way to disable Windows Defender. (through WSC API)
Library for importing functions from DLLs in a hidden, reverse engineer unfriendly way
Alternative Shellcode Execution Via Callbacks
Library for lifting machine code to LLVM bitcode
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Base64 encoding and decoding with C++
Obfusk8: lightweight obfuscation library based on C++17 / header-only for Windows binaries
This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
Load/Inject .NET assemblies by: reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avo…
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
C++20 Control Flow Obfuscation library for Windows Binaries
TinyAntivirus is an open source antivirus engine designed for detecting polymorphic viruses and disinfecting them.
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine
Reimplementation of Microsoft's Warbird obfuscator