Alternatives and similar repositories for stegosphere

Users that are interested in stegosphere are comparing it to the libraries listed below

• JKornev / NTlib
  Static library and headers for linking your software with ntdll.dll
  ☆34Updated 5 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆32Updated last year
• namazso / msvcrt.lib
  .lib file for linking against the NT CRT
  ☆19Updated 3 years ago
• P1tt1cus / FastSymApi
  FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.
  ☆19Updated last month
• h4xu3lyn / NTLib
  Headers for linking your software with ntdll.dll
  ☆15Updated 4 years ago
• EngineOwningSoftware / HWBRK
  Windows x86 Hardware Breakpoint class for Windows >Vista
  ☆23Updated 9 years ago
• zyantific / zydis-py
  Zydis Python Bindings (Work In Progress)
  ☆31Updated 3 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆39Updated 3 years ago
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆34Updated 3 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆61Updated last year
• thejanit0r / x86_dasm
  Lightweight x86-64 disassembling library
  ☆43Updated 3 years ago
• Peribunt / Wow64-HeavensGate
  Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process
  ☆17Updated 3 years ago
• alfarom256 / MinifilterResearch
  ☆16Updated 2 years ago
• gabriellandau / CISpotter
  Code Integrity Violation Spotter
  ☆17Updated last year
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆12Updated 3 years ago
• securesean / Shim-Process-Scanner
  Windows x64 Process Scanner to detect application compatability shims
  ☆37Updated 6 years ago
• OrShazam / ChainEngine
  automates exploits using ROP chains, using ntdll-scraper
  ☆16Updated 3 years ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆28Updated 2 years ago
• Zhuagenborn / Windows-x86-Debugger
  🐞 A simple Windows x86 debugging framework written in C++20 that supports software breakpoints and hardware breakpoints. It can be used …
  ☆12Updated 5 months ago
• waleedassar / SyscallNumberFinder
  ☆33Updated 3 years ago
• aaaddress1 / wow64Jit
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆60Updated 4 years ago
• tsarpaul / WinRpcTutorial
  A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial
  ☆16Updated 6 years ago
• Mattiwatti / WinMain-is-usually-a-function
  Windows NT port of 'Main is usually a function. So then when is it not?'
  ☆26Updated last year
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆47Updated 6 months ago
• secrary / idenLibX
  idenLib (Library Function Identification) plugin for x32dbg
  ☆42Updated 6 years ago
• jxy-s / vfdynf
  Application Verifier Dynamic Fault Injection
  ☆39Updated this week
• KelvinMsft / TechMyths
  ☆17Updated 2 years ago
• omerk2511 / NotifyRoutinesResearch
  A research project about Windows notify routines.
  ☆37Updated 5 years ago
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆53Updated last year
• Colton1skees / WinTTD
  Reverse engineered API for Microsoft's Time Travel Debugger
  ☆35Updated last year