dosnow's repositories
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Anti-AntiDebuggerDriver
VMP 3.5 - VMP 3.7.2 Full Protect Anti Debugger Fuxker
Direct-NtCreateUserProcess
Call NtCreateUserProcess directly as normal.
Divert
WinDivert: Windows Packet Divert
dll_to_exe
Converts a DLL into EXE
E-Decompiler
An IDA plugin to assist in analyzing Easy Programming Language (易语言) programs
eLibStl
🎃 Extension of the Easy Programming Language (易语言) core library
HP-Socket
High Performance TCP/UDP/HTTP Communication Component
HyperDbg
The Source Code of HyperDbg Debugger 🐞
HyperHide
Hypervisor based anti anti debug plugin for x64dbg
kdmapper
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
LibKrnln
🎃 Cross-platform Chinese command library
MemoryDll-DllRedirect
Dll memory redirection through Hook NtMapViewOfSection
minhook
The Minimalistic x86/x64 API Hooking Library for Windows
NtSocket_NtClient_NtServer
Using NtCreateFile and NtDeviceIoControlFile to implement the functionality of Winsock
od_plugin
An OllyDbg plugin that provides many convenient features, including but not limited to easy data extraction, one-click trace, API tracing, IAT repair, and more
ParsePb
Parse protobuf-serialized content without a proto file
protobuf-PbParser
PbParser is a Visual Studio 2022 project for parsing and packing protobuf binary data; it allows data to be parsed and packed accurately without a proto file
qJson
An ultra-simple JSON parsing library implemented in C++
QQImpl
Calls QQ Mojo IPC and WeChatOCR
ScyllaHide
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
simple_debug_plugin
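A tool that assists debuggers, allowing a debugger to attach to and read/write protected processes such as antivirus software (toy project, written only to consolidate knowledge)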
TextCmp
Compare the .text code in memory with the original in the file
unicorn
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
vmp3-import-fix
Fix VMProtect3 IAT
VmpHelper
An IDA plugin used to decompile VMP
WeChatStudy
StudyWechat
WPeChatGPT
A plugin for IDA that helps analyze binary files; it uses OpenAI's ChatGPT training API.