Alternatives and similar repositories for NTFSDirectorySystem

Users that are interested in NTFSDirectorySystem are comparing it to the libraries listed below

• socjordi / sauron
  Windows Monitoring Agent (process creation + DLL loading monitor + network monitor + file system access monitor + etc)
  ☆63Updated 6 years ago
• japajoe / StackVMCPP
  A stack and register based virtual machine which can compile and execute arbitrary code in runtime
  ☆45Updated 7 months ago
• egtra / ndiscap-packet
  Windows ndiscap.sys adapter for WinPcap applications
  ☆27Updated 9 years ago
• kaimi-io / event-tracing-for-windows
  Library for ETW, ProcessTracker sample based on ETW
  ☆34Updated 8 years ago
• KernelPanic-OpenSource / Win2K3_NT_sdktools
  Windows Server 2K3 NT 5
  ☆12Updated 4 years ago
• muxq / hellorpc
  windows rpc 使用MIDL+RPC实现HelloWorld
  ☆23Updated 7 years ago
• Chuyu-Team / woflib
  An open source library for operating the Windows Overlay Filter driver.
  ☆22Updated 6 years ago
• packetzero / etwrealtime
  Example of real-time Windows ETW packet capture session
  ☆53Updated 8 years ago
• MeeSong / MBox
  Windows tool box library
  ☆66Updated 7 years ago
• zodiacon / ObjDir
  Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.
  ☆21Updated 2 years ago
• xmoezzz / NativeLib-R
  ntos internals
  ☆22Updated 5 years ago
• prash-wghats / Dtrace-ETW
  DTrace for Windows in userspace; Frontend to ETW
  ☆27Updated 3 years ago
• aaaddress1 / wow64Jit
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆60Updated 4 years ago
• Mattiwatti / dumplib
  Import library generator for x86 PE files
  ☆59Updated 6 years ago
• AndrewGaspar / km-stl
  A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a…
  ☆32Updated 9 years ago
• fengjixuchui / CodaPinTracer
  Lightweight WINAPI tracing with Pin
  ☆27Updated 6 years ago
• SanseoLab / simpleAVdriver
  Simple AntiVirus Driver example
  ☆39Updated 7 years ago
• binbibi / CallbackEx
  Demo List cm/ps/ob/minifilter callback And Patch/Bypass it
  ☆29Updated 7 years ago
• jnastarot / soul_eater
  it can extract functions from .dll, .exe, .sys and it be work! :)
  ☆39Updated 6 years ago
• Biswa96 / TraceEvent
  Trace events in real time sessions
  ☆44Updated 2 years ago
• jw910731 / MemLoadProgram
  This is a POC for loading shared object directly from memory without accessing the actual Linux file system.
  ☆22Updated 4 years ago
• lieff / dynobj
  Dynamic COFF object loader
  ☆23Updated 7 years ago
• eyalfishler / CrystalCPUID
  use crystalCPUID to identify vt-x & amd-v
  ☆17Updated 10 years ago
• repnz / windows-inspector
  A driver to intercept low level windows events
  ☆62Updated 6 years ago
• 474172261 / DataProtector
  A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.
  ☆27Updated 7 years ago
• Barakat / windows.sandbox
  Windows sandbox PoC
  ☆32Updated 5 years ago
• Vicshann / Common
  Some eternal WIP stuff :)
  ☆20Updated 7 months ago
• x64dbg / x64dbgpy3
  WIP python3 plugin for x64dbg
  ☆16Updated 4 years ago
• bb107 / WinSudo
  Execute commands as local system.
  ☆61Updated 6 years ago
• KNSoft / NTAssassin
  NTAssassin is a fast, small and powerful library helps C/C++ development on Windows
  ☆32Updated last year