Blackbone is a collection of specialized tools for memory scanning, process injection, and kernel-driver interfaces used to manipulate the Windows execution environment. It provides a framework for executing remote code, mapping portable executable images, and managing threads across different process boundaries. The project includes a kernel memory driver to access kernel memory and modify handle rights to hide allocations from user-mode detection. It also features a library for intercepting function calls in remote processes using software interrupts and hardware breakpoints. The toolkit c
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
Hooker is a toolkit for the dynamic instrumentation, memory analysis, and deobfuscation of Android applications. It functions as a reverse engineering framework that uses Frida to inject scripts into running processes, monitor native calls, and extract executable DEX files. The project provides specialized utilities for bypassing security controls, including tools to disable SSL certificate validation and BoringSSL pinning to enable HTTPS traffic interception. It includes capabilities for detecting application packing, extracting cryptographic keys by hooking encryption algorithms, and circum
Dexposed is a set of runtime tools and engines designed for dynamic patching, framework interception, and code instrumentation on Android devices. It functions as a hooking framework and instrumentation tool used to load custom code into running processes to alter logic without modifying the original bytecode. The project enables the interception and modification of method behavior within both Android applications and the system framework. It specifically provides capabilities for bypassing operating system limitations by overriding framework calls and applying hot patches to live processes w