Stars
VirtualBox VM detection mitigation loader
Linux kernel crash utility. NOTE: The GitHub PRs are not accepted, please subscribe to mail list via https://lists.crash-utility.osci.io/admin/lists/devel.lists.crash-utility.osci.io/ for contributi…
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
Complete list of LPE exploits for Windows (starting from 2023)
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidSco…
LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent
The research UEFI hypervisor that supports booting an operating system.
Frida-based tracer for easier reverse-engineering on Android, iOS, Linux, Windows and most related architectures.
The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and …
Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
PRVHASH - Pseudo-Random-Value Hash. Hash functions, PRNG with unlimited period, randomness extractor, and a glimpse into abyss. (inline C/C++) (Codename Gradilac/Градилак)
x64dbg utility for linker map files, diff files, PEiD/IDA signatures, and code signature generation.
Contains source for libdwarf, a library for reading DWARF2 and later DWARF. Contains source to create dwarfdump, a program which prints DWARF2 and later DWARF in readable format. Has a very limited…
A tool to explore USB-C on Apple devices using the Tamarin C Hardware.
A custom ELF linker/loader for installing ET_REL binary patches at runtime
Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
UAC Bypass using UIAccess program QuickAssist