hasherezade/masm_shc hasherezade/masm_shc

  • Stars
    star
    136
  • Rank 267,670 (Top 6 %)
  • Language
    C++
  • License
    MIT License
  • Created about 4 years ago
  • Updated almost 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
hasherezade/masm_shc
github

hasherezade

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.

masm_shc

Build status

A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.

More Repositories

1

pe-bear

Portable Executable reversing tool with a friendly GUI
C++
1,976
star
2

pe_to_shellcode

Converts PE into a shellcode
C++
1,911
star
3

malware_training_vol1

Materials for Windows Malware Analysis training (volume 1)
Assembly
1,806
star
4

hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
C
1,659
star
5

libpeconv

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
C++
917
star
6

tiny_tracer

A Pin Tool for tracing API calls etc
C++
880
star
7

demos

Demos of various injection techniques found in malware
C
771
star
8

pe-bear-releases

PE-bear (builds only)
762
star
9

dll_to_exe

Converts a DLL into EXE
C++
726
star
10

exe_to_dll

Converts a EXE into DLL
C++
657
star
11

bearparser

Portable Executable parsing library (from PE-bear)
C++
608
star
12

process_ghosting

Process Ghosting - a PE injection technique, similar to Process Doppelgรคnging, but using a delete-pending file instead of a transacted file
C
551
star
13

mal_unpack

Dynamic unpacker based on PE-sieve
C
543
star
14

process_doppelganging

My implementation of enSilo's Process Doppelganging (PE injection technique)
C
489
star
15

transacted_hollowing

Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgรคnging
C
457
star
16

malware_analysis

Various snippets created during malware analysis
Python
447
star
17

ida_ifl

IFL - Interactive Functions List (plugin for IDA Pro)
Python
392
star
18

module_overloading

A more stealthy variant of "DLL hollowing"
C
318
star
19

process_overwriting

Yet another variant of Process Hollowing
C++
313
star
20

IAT_patcher

Persistent IAT hooking application - based on bearparser
C++
236
star
21

persistence_demos

Demos of various (also non standard) persistence methods used by malware
C++
214
star
22

chimera_pe

ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
C
208
star
23

shellconv

Small tool for disassembling shellcode (using objdump)
Python
144
star
24

antianalysis_demos

Set of antianalysis techniques found in malware
C++
119
star
25

password_scrambler

Password scrambler - a deterministic password re-generator (alternative to a password manager)
Python
118
star
26

dll_injector

A simple commandline injector using classic DLL injection
C++
114
star
27

funky_malware_formats

Parsers for custom malware formats ("Funky malware formats")
C++
94
star
28

process_chameleon

A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
C
93
star
29

mal_unpack_drv

MalUnpack companion driver
C++
82
star
30

crypto_utils

Set of my small utils related to cryptography, encoding, decoding etc
Python
76
star
31

ViDi

ViDi Visual Disassembler (experimental)
C++
76
star
32

pe2pic

Small visualizator for PE files
Python
63
star
33

pin_n_sieve

An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
C++
54
star
34

paramkit

A small library helping to parse commandline parameters (for C/C++)
C++
52
star
35

petya_recovery

Application for cracking Red Petya key based on genetic algorithms.
C++
50
star
36

petya_key

A decoder for Petya victim keys, using the Janus' masterkey.
C++
43
star
37

libpeconv_tpl

A ready-made template for a project based on libpeconv.
C++
40
star
38

pe_unmapper

Small tool to convert beteween the PE alignments (raw and virtual).
C++
39
star
39

flareon2019

Flare-On solutions
C
36
star
40

mal_sort

Various scripts helpful in sorting collections of malware samples.
Python
36
star
41

pesieve-go

Golang bindings for PE-sieve
Go
35
star
42

IAT_patcher_samples

Sample libraries to be used with IAT Patcher
C++
32
star
43

pe_utils

A set of small utilities, helpers for PIN tracers
C++
31
star
44

hidden_bee_tools

Parser for a custom executable format from Hidden Bee malware (first stage)
C
31
star
45

mal_unpack_py

Python wrappers for mal_unpack
Python
29
star
46

decryptors_archive

Archive of ransomware decryptors
C++
28
star
47

flareon2022

JavaScript
27
star
48

asm16_projects

My small projects writen in 16 bit asm (NOTE: those are my practice projects that I wrote when I was 15, I give no warranty for this code!)
Assembly
23
star
49

tag_converter

C++
22
star
50

petya_green

Application for random attack on Green Petya's key
C++
22
star
51

bootldr_demo

Demo bootloaders - created just for fun
Assembly
21
star
52

metasploit_modules

My metasploit modules
Ruby
19
star
53

loaderine

A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
C
19
star
54

jpassword_scrambler

Small utility to generate complicated passwords - version with GUI
Java
17
star
55

bunitu_tests

Scripts for communication with Bunitu Trojan C&Cs
Python
16
star
56

7ev3n_decoders

Decoders for 7ev3n ransomware
Assembly
14
star
57

libpeconv_and_detours_tpl

A template for projects using both libPeConv and MS Detours
C++
14
star
58

sig_finder

Signature finder (from PE-bear)
C++
13
star
59

detours_cmake_tpl

A CMake template for projects using MS Detours
CMake
13
star
60

passcrambler

https://hasherezade.github.io/passcrambler/
JavaScript
11
star
61

challs

My solutions for random crackmes and other challenges
C++
11
star
62

wke_exercises

My solutions for HackSys Extreme Vulnerable Driver
C++
10
star
63

drawings

Some of my drawings
9
star
64

pe_recovery_tools

A placeholder repository
9
star
65

hasherezade.github.io

My projects' homepage
HTML
8
star
66

mastercoder2014

My solutions
C++
8
star
67

libpeconv_demo

Demo projects and utilities made with the help of libPeConv
C++
8
star
68

bearparser_tests

External tests for bearparser
Assembly
7
star
69

libpeconv_wrappers

A ready-made template for a new project based on libPeConv library
C++
7
star
70

hasherezade

6
star
71

paramkit_tpl

A template for a project using ParamKit
C++
5
star
72

pesieve_tests

External tests for PE-sieve
4
star