Alternatives and similar repositories for nt-load-order

Users that are interested in nt-load-order are comparing it to the libraries listed below

• N0fix / IDA_rust_metadata_finder
  IDA plugin to recover source code from panic information on rust
  ☆17Updated 8 months ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆38Updated last year
• connormcgarr / SkBridge
  Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1
  ☆68Updated 4 months ago
• m417z / x64dbg-symbol-tldr
  An x64dbg plugin which helps make sense of long C++ symbols
  ☆58Updated 2 years ago
• Rantanen / ghidra-minidump-loader
  Windows Minidump loader for Ghidra
  ☆29Updated 3 years ago
• djolertrk / kLLDB
  LLDB based debugger for Linux Kernel
  ☆28Updated 9 months ago
• connormcgarr / Vtl1Mon
  Virtual Trust Level (VTL 1) secure call tracing
  ☆84Updated 4 months ago
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆41Updated 2 years ago
• backengineering / pdbgen2
  Generate a PDB file given the old PDB file and an address mapping
  ☆51Updated 5 months ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆30Updated 2 years ago
• redthing1 / w1tn3ss
  dynamic binary instrumentation, analysis, and patching framework
  ☆99Updated last week
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆34Updated 3 years ago
• badhive / alca
  Rule Engine for Dynamic Malware Analysis and Research
  ☆25Updated 8 months ago
• rand-tech / ida9rewriter
  Bump your ida python script automatically!
  ☆31Updated 8 months ago
• djolertrk / kovid-obfuscation-passes
  A set of LLVM and GCC based plugins that perform code obfuscation.
  ☆136Updated 2 months ago
• ssnob / hidden_syscall_monitoring
  monitors hidden syscalls called from call of duty anticheat
  ☆89Updated last year
• milankovo / YaraVM
  This repository contains an IDA processor for loading and disassembling compiled yara rules.
  ☆44Updated last year
• milankovo / zydisinfo
  ☆29Updated 2 weeks ago
• gerhart01 / Hyper-V-Tools
  Different tools for Microsoft Hyper-V researching
  ☆63Updated 3 weeks ago
• Pdawg-bytes / UEFIBootKit
  A simple UEFI bootkit made by @NSG650 and me.
  ☆26Updated last year
• backengineering / elderscroll
  PDB Rewriting Rust Library
  ☆26Updated last year
• MrRoy09 / VMwhere
  LLVM based obfuscation engine
  ☆108Updated 6 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver
  An improved version of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆73Updated 9 months ago
• 3dnow / NtCreateLowBoxToken
  A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering
  ☆41Updated 7 months ago
• kkent030315 / detect-anyrun
  ANY.RUN sandbox detection collection
  ☆22Updated last year
• un4ckn0wl3z / PCIE-Detector
  Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
  ☆37Updated last year
• m417z / x64dbg-xfg-marker
  An x64dbg plugin which marks XFG call signatures as data
  ☆78Updated 2 years ago
• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆89Updated last year
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆80Updated 6 months ago
• Peribunt / VPGATHER
  Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
  ☆49Updated last week