Alternatives and similar repositories for yaradbg-backend:

Users that are interested in yaradbg-backend are comparing it to the libraries listed below

• DissectMalware / yaradbg-frontend
  ☆39Updated last year
• TimMisiak / RunWithDll
  A utility that can be used to launch an executable with a DLL injected
  ☆18Updated last year
• rbmm / Services
  ☆18Updated 3 months ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆37Updated 2 years ago
• connormcgarr / Presentations
  ☆28Updated 6 months ago
• anyrun / blog-scripts
  ☆30Updated 5 months ago
• shlyuz / teamserver
  ☆12Updated 2 years ago
• 0xMegaByte / COM-Explained
  ☆25Updated 2 years ago
• rbmm / PPL
  run process as PPL Antimalware
  ☆10Updated last year
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 9 months ago
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆14Updated 2 years ago
• AnastasiKro / ALPChecker
  ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction
  ☆13Updated 2 years ago
• Yaxser / Itaskhandler
  Implementation of ITaskHandler in C++
  ☆13Updated 2 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated last year
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated last year
• MMitsuha / Tajimari
  the Open Source and Pure C++ Packer for eXecutables
  ☆20Updated 2 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆29Updated last year
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆26Updated last month
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 3 months ago
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆28Updated 3 years ago
• decalage2 / collisions
  Hash collisions and their exploitations
  ☆9Updated 2 years ago
• klezVirus / DCKFinder
  Dangling COM Keys Finder
  ☆17Updated 3 years ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆31Updated last year
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated 3 weeks ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• mandiant / vbScript_deobfuscator
  Help deobfuscate VBScript
  ☆15Updated 2 years ago
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆21Updated 2 weeks ago
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆32Updated 3 years ago
• yardenshafir / conference_talks
  Slides from various conference talks
  ☆36Updated last year