
User-friendly Microsoft Windows Debugger for Malware Analysts.

PsyloDbg

PsyloDbg is a fast-growing and user-friendly open-source Windows Debugger entirely coded in Delphi.

The main goal of this project is to offer malware analysts another tool to shorten their response time during the analysis process.

The project is still at a very early stage; it is expected to grow in features progressively.

Images

Screenshots (not reproduced here): Debug Events, Memory Map, Loaded Modules, Debugged Process Tree, Dump and Reconstruct PE Image (Beta).

Debugger Features

  • = Implemented
  • = Not yet implemented

Loaded Modules

  • List.
  • Dump Reconstructed Module Image.
  • List Exported Functions.

ANSI / Wide Strings

  • List file / memory strings.
  • Advanced search features.

Memory Map

  • List.
  • Identify PE Images and Sections.
  • Identify Thread Stacks.
  • Identify Heaps.
  • Dump Region(s) / Page(s) Memory.

Extra Tools

  • File Merger.
  • Hash Utils.

Misc

  • Catch Debug Events.
  • Attach a running process to the debugger.
  • Enumerate Threads.
  • Dump and reconstruct image(s) from a process.
  • List open handles.
  • API Tracing.
  • Import Module and Functions.
  • Internationalization.
  • PsyloDbg Logging (e.g. Psylo Exception).

Changelog

2022/10/13 : v0.1 - Initial Release

  • First Release, Supporting Debug Events.

2022/10/21 : v0.2

  • Memory Map list added.
  • Memory Dump.
  • Better exception handling.
  • Logging.
  • Themes supported.

2022/11/15 : v0.3

  • Option to keep session information when the debugged process stops.
  • PsyloDbg window title is now dynamic.
  • Better thread system (with thread manager); previously implemented features need to be ported to the new thread system.
  • Enumerate loaded modules.
  • Certain features now support child processes (e.g. loaded modules, memory map).
  • Memory Map now supports child processes.
  • Dump and reconstruct module image (Reconstruct PE - Beta).
