Sentinel-One/peafl64

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Sentinel-One/peafl64)

Sentinel-One / peafl64

Static Binary Instrumentation tool for Windows x64 executables

☆206

Alternatives and similar repositories for peafl64

Users that are interested in peafl64 are comparing it to the libraries listed below

Sorting:

yardenshafir / IoRingReadWritePrimitive
View on GitHub
Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
☆250Jul 5, 2022Updated 3 years ago
commial / ttd-bindings
View on GitHub
Bindings for Microsoft WinDBG TTD
☆235Aug 5, 2023Updated 2 years ago
KiFilterFiberContext / warbird-hook
View on GitHub
Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
☆268Aug 31, 2022Updated 3 years ago
quarkslab / rewind
View on GitHub
Snapshot-based coverage-guided windows kernel fuzzer
☆323Dec 16, 2021Updated 4 years ago
airbus-cert / ttddbg
View on GitHub
Time Travel Debugging IDA plugin
☆592Jun 27, 2024Updated last year
ergrelet / resym
View on GitHub
Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
☆360Feb 9, 2025Updated last year
GetRektBoy724 / DCMB
View on GitHub
Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
☆249Jul 9, 2024Updated last year
wmliang / pe-afl
View on GitHub
☆251Sep 26, 2020Updated 5 years ago
0dayResearchLab / msFuzz
View on GitHub
msFuzz is a coverage-guided fuzzer for Windows kernel drivers that utilizes Intel PT and leverages constraint and dependency analysis to …
☆218Dec 24, 2025Updated 2 months ago
hugsy / CFB
View on GitHub
CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.
☆333Mar 26, 2024Updated last year
Signal-Labs / BasicWXAMFuzzer
View on GitHub
☆44Aug 8, 2022Updated 3 years ago
SoftSec-KAIST / NTFuzz
View on GitHub
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (IEEE S&P '21)
☆109Oct 21, 2021Updated 4 years ago
thesecretclub / SandboxBootkit
View on GitHub
Bootkit for Windows Sandbox to disable DSE/PatchGuard.
☆317Oct 13, 2024Updated last year
Colton1skees / Dna
View on GitHub
LLVM based static binary analysis framework
☆302Apr 2, 2025Updated 10 months ago
synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion
View on GitHub
PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
☆215Jul 2, 2020Updated 5 years ago
Team-BT5 / WinAFL-RDP
View on GitHub
WinAFL modified for RDP client fuzzing
☆20Dec 18, 2022Updated 3 years ago
ex0dus-0x / fuzzable
View on GitHub
Framework for Automating Fuzzable Target Discovery with Static Analysis.
☆548Feb 1, 2024Updated 2 years ago
0vercl0k / wtf
View on GitHub
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kerne…
☆1,726Jan 2, 2026Updated last month
googleprojectzero / Hyntrospect
View on GitHub
☆185Jan 12, 2023Updated 3 years ago
eset / stadeo
View on GitHub
Control-flow-flattening and string deobfuscator
☆160Nov 8, 2021Updated 4 years ago
airbus-seclab / AutoResolv
View on GitHub
☆85Oct 15, 2022Updated 3 years ago
ergrelet / windiff
View on GitHub
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …
☆355Updated this week
mandiant / STrace
View on GitHub
A DTrace on Windows Reimplementation
☆369Feb 3, 2026Updated 3 weeks ago
0vercl0k / kdmp-parser
View on GitHub
A Windows kernel dump C++ parser library with Python 3 bindings.
☆213Oct 5, 2025Updated 4 months ago
ergrelet / cpplumber
View on GitHub
Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
☆86Oct 2, 2022Updated 3 years ago
IntelLabs / kAFL
View on GitHub
A fuzzer for full VM kernel/driver targets
☆775Feb 11, 2026Updated 2 weeks ago
gerhart01 / Hyper-V-Internals
View on GitHub
Internals information about Hyper-V
☆731Dec 20, 2025Updated 2 months ago
D4stiny / ExceptionOrientedProgramming
View on GitHub
Abusing exceptions for code execution.
☆113Jan 30, 2023Updated 3 years ago
hgarrereyn / GraphFuzz
View on GitHub
GraphFuzz is an experimental framework for building structure-aware, library API fuzzers.
☆271Jan 16, 2024Updated 2 years ago
freingruber / JavaScript-Raider
View on GitHub
JavaScript Fuzzing framework for v8
☆142Jan 24, 2022Updated 4 years ago
TimMisiak / WinDbgCookbook
View on GitHub
This is a repo for small, useful scripts and extensions
☆258Jun 1, 2023Updated 2 years ago
rad9800 / misc
View on GitHub
miscellaneous scripts and programs
☆277Jan 23, 2025Updated last year
Accenture / VulFi
View on GitHub
IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.
☆658May 13, 2025Updated 9 months ago
0xcpu / ExecutiveCallbackObjects
View on GitHub
Research on Windows Kernel Executive Callback Objects
☆315Feb 22, 2020Updated 6 years ago
gdabah / win32k-bugs
View on GitHub
Dump of win32k POCs for bugs I've found
☆381Mar 6, 2022Updated 3 years ago
Y3A / winkafl
View on GitHub
Static binary instrumentation for windows kernel drivers, to use with winafl
☆81Feb 5, 2025Updated last year
vp777 / Windows-Non-Paged-Pool-Overflow-Exploitation
View on GitHub
Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…
☆258Sep 1, 2022Updated 3 years ago
sam-b / windows_kernel_address_leaks
View on GitHub
Examples of leaking Kernel Mode information from User Mode on Windows
☆633Jul 7, 2017Updated 8 years ago
tandasat / hvext
View on GitHub
The Windbg extensions to study Hyper-V on Intel and AMD processors.
☆171Feb 10, 2026Updated 2 weeks ago