
CheckPointSW / showstopper

Licence: MIT license
ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.

Programming Languages

C++, C

Projects that are alternatives of or similar to showstopper

Anti-Debug-DB
Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of various anti-debug tricks, their implementation, and recommendations of how to mitigate each trick.
Stars: ✭ 20 (-84.85%)
Mutual labels:  research, malware, anti-debug
Whitecomet-Research
Research on malware creation and protection
Stars: ✭ 62 (-53.03%)
Mutual labels:  research, malware
cerberus research
Research tools for analysing Cerberus banking trojan.
Stars: ✭ 110 (-16.67%)
Mutual labels:  research, malware
Invizzzible
InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
Stars: ✭ 268 (+103.03%)
Mutual labels:  research, malware
Fidl
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (+141.67%)
Mutual labels:  research, malware
FIDL
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (+218.94%)
Mutual labels:  research, malware
Android unpacker
A (hopefully) generic unpacker for packed Android apps.
Stars: ✭ 320 (+142.42%)
Mutual labels:  research, malware
unprotect
Unprotect is a Python tool for parsing PE malware and extracting evasion techniques.
Stars: ✭ 75 (-43.18%)
Mutual labels:  malware, anti-debug
SOMns
SOMns: A Newspeak for Concurrency Research
Stars: ✭ 62 (-53.03%)
Mutual labels:  research
portfoliolab
PortfolioLab is a python library that enables traders to take advantage of the latest portfolio optimisation algorithms used by professionals in the industry.
Stars: ✭ 104 (-21.21%)
Mutual labels:  research
Malware-Sample-Sources
Malware Sample Sources
Stars: ✭ 214 (+62.12%)
Mutual labels:  malware
bluepill
BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
Stars: ✭ 94 (-28.79%)
Mutual labels:  malware
JustEvadeBro
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
Stars: ✭ 63 (-52.27%)
Mutual labels:  malware
omegalib
A hybrid visualization framework for desktops, large immersive displays and the web
Stars: ✭ 74 (-43.94%)
Mutual labels:  research
dga-collection
A collection of known Domain Generation Algorithms
Stars: ✭ 61 (-53.79%)
Mutual labels:  malware
SeaPearl.jl
Julia hybrid constraint programming solver enhanced by a reinforcement learning driven search.
Stars: ✭ 119 (-9.85%)
Mutual labels:  research
thesis
MSc thesis on: Classifying brain activity using EEG and automated time tracking of computer use (using ActivityWatch)
Stars: ✭ 44 (-66.67%)
Mutual labels:  research
ToxicEye
👽 Program for remote control of windows computers via telegram bot. Written in C#
Stars: ✭ 305 (+131.06%)
Mutual labels:  malware
lightning-hydra-template
PyTorch Lightning + Hydra. A very user-friendly template for rapid and reproducible ML experimentation with best practices. ⚡🔥⚡
Stars: ✭ 1,905 (+1343.18%)
Mutual labels:  research
covid19 scenarios data
Data preprocessing scripts and preprocessed data storage for COVID-19 Scenarios project
Stars: ✭ 43 (-67.42%)
Mutual labels:  research

ShowStopper - Anti-Debug tricks exploration tool

Contributed by Check Point Software Technologies LTD.
Programmed by Yaraslau Harakhavik

Overview

The ShowStopper project is a tool to help malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
With this tool, you can attach a debugger to its process, research the debugger's behavior for the techniques you need (the virtual addresses of functions that apply to anti-debug techniques are printed to the console), and compare them with their implementation. The tool includes a varied set of techniques from multiple sources, including real-world malware and published documents and articles. The implemented techniques work for the latest Windows releases and for different modern debuggers.

Documentation

For how to install and use the tool, and how to contribute your findings, see the documentation for the project.

System Requirements

  • Windows 7, 8, 8.1, 10 (x86/x86-64)
  • 32-Bit debuggers (OllyDbg, x32dbg, WinDbg, etc.)
