halsten

halsten's Stars

• killbug2004/insight

  A(nother) Binary Analysis Framework

  Language:C++1

• killbug2004/PErmutator

  Language:C1

• killbug2004/compressor2

  Automatically exported from code.google.com/p/compressor2

  Language:C++1

• killbug2004/pescrambler

  Automatically exported from code.google.com/p/pescrambler

  Language:C1

• killbug2004/accessch

  Automatically exported from code.google.com/p/accessch

  Language:C++1

• SLAUC91/RealisticMouse

  Realistic Mouse Movement (C++)

  Language:C++348

• SLAUC91/PatternScanner

  Byte Pattern Scanner

  Language:C++44

• SLAUC91/SDS

  Software Distribution Service

  Language:C++127

• killbug2004/Winbagility

  Debug Windows in non debug mode !

  Language:C++1

• killbug2004/x64emu

  x86_x64 emulator

  Language:C1

• killbug2004/diskflt

  Automatically exported from code.google.com/p/diskflt

  Language:C41

• tandasat/meow

  nyā

  Language:C++7019

• cgutman/NTcloak

  Filter manager minifilter and user-mode control program example

  Language:C95

• Nukem9/VirtualDbg

  Test code only. Not reliable for actual use.

  Language:C++6028

• Nukem9/VirtualDbgHide

  Windows kernel mode driver to prevent detection of debuggers.

  Language:C9657

• xiaoweime/WProtect

  Language:C467259

• slavaim/MacOSX-Kernel-Filter

  A Mac OS X kernel mode filter driver ( a kernel extension ) for devices, file systems and network

  Language:C++16652

• googleprojectzero/sandbox-attacksurface-analysis-tools

  Set of tools to analyze Windows sandboxes for exposed attack surface.

  Language:C#2.1k437

• JonDoNym/peinjector

  peinjector - MITM PE file infector

  Language:C601117

• BromiumLabs/PackerAttacker

  C++ application that uses memory and code hooks to detect packers

  Language:C++27072

• baderj/domain_generation_algorithms

  Some results of my DGA reversing efforts

  Language:Python649157

• unicorn-engine/unicorn

  Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)

  Language:C7.8k1.4k

• rpp0/scapy-fakeap

  Fake wireless Access Point (AP) implementation using Python and Scapy, intended for convenient testing of 802.11 protocols and implementations.

  Language:Python24452

• rpp0/aggr-inject

  Remote frame injection PoC by exploiting a standard compliant A-MPDU aggregation vulnerability in 802.11n networks.

  Language:Python27648

• uxmal/reko

  Reko is a binary decompiler.

  Language:C#2.2k255

• tandasat/PgResarch

  PatchGuard Research

  Language:C++295113

• tandasat/RemoteWriteMonitor

  A tool to help malware analysts tell that the sample is injecting code into other process.

  Language:C++7641

• tandasat/Scavenger

  A minifilter driver preserves all modified and deleted files.

  Language:C8034

• 9ee1/Capstone.NET

  .NET Core and .NET Framework binding for the Capstone Disassembly Framework

  Language:C#13631