Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Haskell

Dart

MATLAB

C++

C#

Ruby

HTML

Groovy

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Dart

Python

Objective-C

Lua

JavaScript

Ada

Ruby

C++

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇼🇸 Samoa

🇮🇳 India

🇮🇲 Isle of Man

🇬🇮 Gibraltar

🇯🇵 Japan

🇾🇪 Yemen

🇲🇸 Montserrat

🇻🇬 British Virgin Islands

All Countries Compare Countries

mrexodia/lolbin-poc

Stars
112
Rank 300,692 (Top 7 %)
Language
C++
Created about 1 year ago
Updated 12 months ago

mrexodia/lolbin-poc

mrexodia

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Small PoC of using a Microsoft signed executable as a lolbin.

lolbin-poc

Small PoC of using a Microsoft signed executable as a lolbin.

Building (32-bit)

cmake -B build32 -A Win32
cmake --build build32 --config Release

Building (64-bit)

cmake -B build64 -A x64
cmake --build build64 --config Release

Usage

Download WinDbg from here, put the compiled dbgeng.dll next to windbg.exe.

Bonus

There's also a bunch of other DLLs you can use:

TitanHide

Hiding kernel-driver for x86/x64.

dumpulator

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

AppInitHook

Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary process.

NtPhp

Ever wanted to execute PHP in your kernel driver? Look no further!

akt

Armadillo Key Tool

JitMagic

Simple tool that allows you to have multiple Just-In-Time debuggers at once.

haxxmap

Some simple go tools to perform a Man-in-the-middle (MITM) attack on your IMAP server in case you forgot your password.

EfiCMake

CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).

driver_unpacking

Ghetto user mode emulation of Windows kernel drivers.

ArmaG3ddon

ArmaG3ddon by CondZero/ARTeam

idapatch

IDA plugin to patch IDA Pro in memory.

MiniDumpPlugin

Simple x64dbg plugin to save a full memory dump

perfect-dll-proxy

Perfect DLL Proxying using forwards with absolute paths.

YaraGen

Plugin for x64dbg to generate Yara rules from function basic blocks.

REToolSync

Collaboration platform for reverse engineering tools.

PatternFinder

Parallel signature matcher in C#

zig-cross

Example of using as a CMake Toolchain for cross compiling.

CEAutoAttach

Tool to automatically make Cheat Engine attach to a process via the command line.

Diff

Diff plugin for x64dbg

portable-executable-library

Automatically exported from code.google.com/p/portable-executable-library

WorkraveQt

Modern reimplementation of Workrave in Qt. Optimized to look out for you where you don't.

IATFaker

Small project to generate fake DLLs based on an executable's import table

DotNetPluginCS

DotNetPluginCS based on:

FunUtils

Just some fun utilities I wrote for productivity reasons.

VMHunt_instracelog

Windows build files for the VMHunt Intel PIN Trace tool

CpConverter

Code Page Converter - Convert HTML/Text files to different encoding formats e.g. ANSI to UTF-8 or Unicode. Convert multiple files with 1 click. Works with all encodings.

VMProtectTest

WibuDebugHook

Injectable DLL that helps with debugging Wibu CodeMeter.

go-gitea-webhook

Simple webhook receiver implementation for Gitea/Gogs.

regstep

Simple x64dbg plugin to show registers on every step.

DisableParallelLoader

Plugin for x64dbg to disable parallel loading of dependencies

AStyleHelper

Simple tool to perform AStyle formatting in a git repository.

DarkSouls3.TextViewer

This tool helps you view all in-game text of Dark Souls 3.

cxx-common-cmake

Experiment building lifting-bits dependencies with pure CMake

mrexodia.github.io

rosetta-multipass

Use Rosetta to run amd64 binaries on your M1 with Multipass.

StackContains

Sample x64dbg plugin to scan the stack during tracing.

BoomPowGui

Simple C# GUI for BoomPow (banano miner).

SN8F2288_gui

Interactive disassembler and emulator for the SN8F2288.

NoFlashWindow

Disables FlashWindow and FlashWindowEx using AppInit_DLLs hook.

Utf8Ini

Small C++ INI Parser.

BreakpointUnresolved

Plugin for x64dbg to break on unresolved APIs.

imgui_cmkr

Experimental imgui app framework for rapid prototyping.

DrDecode

Simple plugin for x64dbg to decode debug registers

cloudflare-redirect

Simple CloudFlare Worker to implement a service similar to redirect.name, but with HTTPS support.

SimpleAutoItCrypter

Simple AutoIt crypter.

gogitterirc

Gitter/IRC Sync bot written in Go

YaraFlirt

Project to convert F.L.I.R.T. Signatures signatures to Yara Rules.

Arxan

Some super old control flow exploration experiments

TracePlugin

Very simple trace plugin example for x64dbg.

pygame_qt

Combinding pygame and PyQt5 in python3

GitIdentityManagerCpp

Very simple cross-platform utility to manage your git identities.

svelte-cpp-whiskey-list

Example Svelte frontend with C++ backend

LivecodingTwitch

Bot to synchronize Livecoding and Twitch chats.

CMakeMASM

BrainfuckInterpreter

Simple brainfuck interpreter written for Quora.

PasteFile

Plugin for x64dbg to paste a file in memory...

AsmParser

Loose parser for x86 assembly, used for translating them into IR.

ClickCatcher

Example plugin for x64dbg to handle mouse click events.

unicorn_template

Project template for unicorn based on CPM.

IXWebSocket_template

Simple template for IXWebSocket (websocket and http client/server library for C++) based on CPM.

VTIL-Hello

Example CMake project for VTIL.

CutterUpdater

Very simple utility to automatically check for, download and install the latest version of Cutter.

XInputScanner

Tool for x360ce to scan which XInput DLL is used.

BatchDecompiler

Script to batch-decompile things with IDA.

SMMNEX

010 editor binary templates for SMM NEX

JNIEnv

Plugin to assist in reverse engineering programs that use JNI.

debuggerpyd

Random Script DLL for x64dbg

TimeStampFormat

Example plugin to print a timestamp in the log.

gotgslack

Telegram/Slack synchronization bot.

GleeDbg

Experiments with imgui

NativeExport

Very simple example of native exports with C# and C++

vergiliusparser

Simple script to scrape https://www.vergiliusproject.com/

ExtendDumpSel

Plugin for x64dbg to add a command that extends the dump selection

StaticEngine

Playground for statically loading files into x64dbg.

ModulePathList

A simple x64dbg plugin to list modules with their paths.

cgit-theme

A theme for cgit

ExpressionParser

Very simple expression parser for binary operations with operator precedence, unary minus/plus/NOT and parentheses.

CMakePackageExample

fluffy-adventure

Some testing code with binary visualization

reimagined-umbrella

SwigSample

SwigSample with C#

miasm-old

Automatically exported from code.google.com/p/miasm

yara_vs13

The pattern matching swiss knife (used by x64dbg).

QClickableMenu

Project to support the triggered signal of the QMenu::menuAction if you click on the QMenu.

cryptopals

My solutions to the cryptopals crypto challenges.

RestartSpam

Simple plugin to spam restarts in x64dbg

VisualMutatorGUI

Simple GUI to visualize a results file from VisualMutator.

pybind11_example

kraken

knowledge-base

Knowledge base watching and scraping service.

angelscript-cpp-interface-generator

Automatically exported from code.google.com/p/angelscript-cpp-interface-generator

SimpleIATParser

DebugLoopRace

reversi

mandelbrot

RotMG.Common

Common utility library for RotMG by creepylava.

python64

Hack to have both python and python64 in your PATH environment variable.

OpenCVTest

A test CLion/CMake project for OpenCV 3 on OS X.

psychic-octo-fiesta