awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

8 dépôts

Awesome GitHub RepositoriesRuntime Memory Manipulation

Capabilities for modifying process memory and dumping memory regions during application execution.

Distinct from Container Memory Dumps: Existing candidates focus on offline memory dump parsing or container snapshots, whereas this is about live, active memory patching and manipulation.

Explore 8 awesome GitHub repositories matching security & cryptography · Runtime Memory Manipulation. Refine with filters or upvote what's useful.

Awesome Runtime Memory Manipulation GitHub Repositories

Trouvez les meilleurs dépôts grâce à l'IA.Nous recherchons les dépôts les plus pertinents grâce à l'IA.
  • aslody/virtualappAvatar de asLody

    asLody/VirtualApp

    11,010Voir sur GitHub↗

    VirtualApp is an Android application virtualization engine and user-space sandbox that enables the execution of applications within an isolated environment. It allows for the running of multiple independent instances of the same application on a single device and supports private application installation without requiring system-level root access. The project features a comprehensive hooking framework for intercepting Java and native layer functions to modify application behavior. It includes tools for hardware simulation to spoof device models and system information, as well as a non-root pr

    Performs live memory patching and reading of internal application processes without root access.

    Javaandroidframeworkplugin
    Voir sur GitHub↗11,010
  • sensepost/objectionAvatar de sensepost

    sensepost/objection

    8,896Voir sur GitHub↗

    Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst

    Frida modifies memory contents and dumps regions to change or analyze runtime behavior.

    Pythonandroidframeworkfrida
    Voir sur GitHub↗8,896
  • shellphish/how2heapAvatar de shellphish

    shellphish/how2heap

    8,444Voir sur GitHub↗

    how2heap is an educational resource and technical testbed for learning heap-based vulnerabilities and memory allocator internals. It provides a collection of source code examples and binaries that serve as a laboratory for studying memory corruption techniques specifically targeting the glibc malloc implementation. The project focuses on the development of exploit primitives, such as tcache poisoning and double frees, to redirect program execution. It includes a suite of implementations for bypassing memory protections and manipulating heap metadata to achieve arbitrary memory writes. The fr

    Demonstrates how to overwrite internal allocator structures such as chunk sizes and forward pointers for memory access.

    C
    Voir sur GitHub↗8,444
  • hugsy/gefAvatar de hugsy

    hugsy/gef

    8,020Voir sur GitHub↗

    GEF is a Python-based extension for GDB that serves as a framework for binary analysis, exploit development, and low-level debugging. It functions as a dynamic analysis extension designed to assist in reverse engineering workflows and malware analysis by enhancing the debugger's ability to inspect process state and memory. The project is distinguished by its specialized heap analysis tools, which allow for the inspection of glibc heap arenas, bins, and chunks to detect memory corruption. It also provides a dedicated toolkit for exploit development, including cyclic pattern generation for offs

    Modifies active process memory using XOR operations with a specific key for patching or display.

    Pythonbinary-ninjactfdebugging
    Voir sur GitHub↗8,020
  • lordnoteworthy/al-khaserAvatar de LordNoteworthy

    LordNoteworthy/al-khaser

    7,001Voir sur GitHub↗

    Al-Khaser is a research project focused on the development of anti-analysis and evasion techniques to resist reverse engineering. It provides implementations for detecting and evading virtual machines, sandboxes, and debuggers to prevent software analysis. The project implements control flow obfuscation through anti-disassembly methods and utilizes dynamic API resolution to bypass static import tables. It further hinders forensic analysis by manipulating memory headers to prevent process dumps and utilizing remote code injection to execute logic in external processes. The capability surface

    Modifies image sizes and erases headers in memory to prevent the creation of usable process dumps.

    C++
    Voir sur GitHub↗7,001
  • longld/pedaAvatar de longld

    longld/peda

    6,130Voir sur GitHub↗

    Peda est une suite d'outils de sécurité et un framework de développement d'exploits conçus pour l'analyse binaire, l'automatisation de débogueur et l'inspection de la mémoire. Il fonctionne comme un ensemble de scripts Python qui étendent un débogueur pour automatiser l'analyse des fichiers compilés et l'inspection de la mémoire des processus. Le projet fournit des utilitaires spécialisés pour la recherche sur la corruption de mémoire, y compris un utilitaire de génération de payload pour créer des motifs cycliques afin de découvrir les dépassements de tampon (buffer overflows) et un chercheur de gadgets pour localiser les séquences de programmation orientée retour (ROP) au sein des binaires. Il se distingue en offrant un outil de visualisation qui transforme les données brutes des registres, du désassemblage et de la mémoire en texte codé par couleur pour simplifier l'analyse des états du CPU. Le framework couvre un large éventail de capacités, notamment l'analyse de sécurité binaire pour détecter les protections, le scan de mémoire par expression régulière et la capacité de mapper les environnements de processus directement depuis le noyau système. Il inclut également des outils pour modifier les adresses mémoire et générer des templates de shellcode.

    Modifies memory addresses with custom data to alter the state of a running process.

    Python
    Voir sur GitHub↗6,130
  • byt3bl33d3r/offensivenimAvatar de byt3bl33d3r

    byt3bl33d3r/OffensiveNim

    3,033Voir sur GitHub↗

    OffensiveNim is a red teaming framework and post-exploitation toolkit developed in Nim. It provides a collection of low-level primitives and a Windows API wrapper designed for offensive security operations, including malware development and shellcode loading. The project focuses on evasion and obfuscation through techniques such as API unhooking, direct system calls, and anti-debugging mechanisms. It features diverse payload delivery methods, including reflective binary loading, the execution of .NET assemblies via CLR hosting, and various shellcode injection techniques using fibers, COM obje

    Provides capabilities for dumping memory from remote processes and performing live memory manipulation.

    Nim
    Voir sur GitHub↗3,033
  • korcankaraokcu/pinceAvatar de korcankaraokcu

    korcankaraokcu/PINCE

    2,767Voir sur GitHub↗

    PINCE is a dynamic debugger, instruction tracer, and memory scanner designed for the analysis and manipulation of running processes. It functions as a process memory manipulator and editor, allowing for the identification, modification, and monitoring of values within a target application's active memory. The tool distinguishes itself through memory pointer analysis, tracing addresses and offsets to locate static pointers that lead to dynamic data across different sessions. It also enables the execution of internal functions within a running process by manipulating the instruction pointer and

    Implements capabilities for modifying process memory and allocating new memory regions during application execution.

    Pythonassemblercheat-enginedebugging-tool
    Voir sur GitHub↗2,767
  1. Home
  2. Security & Cryptography
  3. Runtime Memory Manipulation

Explorer les sous-tags

  • Allocator Metadata ManipulationCorruption of internal allocator structures like chunk sizes and pointers to achieve arbitrary read/write. **Distinct from Runtime Memory Manipulation:** Focuses specifically on allocator metadata corruption rather than general process memory patching.
  • Memory Header ManipulationModifying or erasing process image headers in memory to prevent forensic dumping. **Distinct from Runtime Memory Manipulation:** Distinct from Runtime Memory Manipulation: specifically targets image headers to prevent usable process dumps.