OSWatcher / windows-desktopLinks
History and analysis of Windows desktop images
☆19Updated 4 years ago
Alternatives and similar repositories for windows-desktop
Users that are interested in windows-desktop are comparing it to the libraries listed below
Sorting:
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Updated 4 years ago
- Example/starter code for custom Windows application compatibility shims☆35Updated 4 years ago
- Windows Process Lockdown Tool using Job Objects☆69Updated 11 years ago
- ☆20Updated 2 months ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 3 years ago
- xlrd2 is a variant of xlrd that is actively maintained☆23Updated last year
- AutoIt Analysis Library: Parser & Emulator For Malware Researchers☆21Updated 6 years ago
- ☆36Updated 5 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆38Updated 2 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- ☆24Updated 5 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 4 years ago
- ☆35Updated 7 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆28Updated 7 years ago
- Blocks drivers from loading by using a name collision technique. #nsacyber☆49Updated 7 years ago
- ☆28Updated 9 months ago
- Rekall Memory Forensic Framework☆32Updated 6 years ago
- ☆22Updated 4 years ago
- ☆34Updated 7 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- Experimental: Windows .text section compare - disk versus memory☆15Updated 10 years ago
- Parse Microsoft shim databases☆30Updated 7 months ago
- ☆45Updated 7 years ago
- ☆12Updated 4 years ago
- A DLL that serves OutputDebugString content over a TCP connection☆35Updated 3 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation☆25Updated 7 years ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Crystal Anti-Exploit Protection 2012☆37Updated 5 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago